How to setup a wireless access point: Difference between revisions

From Alpine Linux
mNo edit summary
(replace /etc/init.d with rc-service)
 
(16 intermediate revisions by 8 users not shown)
Line 1: Line 1:
{{Draft}}
{{Draft}}
This page will show a step by step guide to setting up Alpine Linux as a secure wireless access point.  Basic steps are to:
# Install needed packages
# Insure your wireless card is detected and in master/ap mode
# Setup bridge between eth0 and wlan0
# Setup encryption on wlan0
# Setup hostapd
# Associate clients!


== Install needed packages ==
== Install needed packages ==
apk add hostapd wireless-tools wpa_supplicant
{{Cmd|apk add bridge hostapd wireless-tools wpa_supplicant}}


== Check that card is detected ==
== Check that the card is detected ==
Simplest way is to check /proc/net/dev and see which are detected there. If not, check what driver the card uses, modprobe it. Last, check that card is in master mode, which is different for each card (hint: google is your friend here)
Run cat /proc/net/dev to see which cards are detected.
If no cards are available, check what driver the card uses and modprobe it.
Check that the card is in master mode.


== Setup Bridge ==
== Setup Bridge ==
{{:Setting Up a bridge}}
Setup the bridge by editing <samp>/etc/network/interfaces</samp>. Assuming you wish to bridge the access point to the ethernet device <samp>eth0</samp>, you can add something like this:
<pre>
auto br0
iface br0 inet dhcp
  hostname alpine
  bridge-ports eth0
</pre>
Comment out any existing lines configuring <samp>eth0</samp> as this should now be handled via the bridge configuration. It is not necessary to mention <samp>wlan0</samp> here, as <samp>hostapd</samp> will take care of adding the device to the bridge later.
 
Please see [[Bridge]] for more information on network bridges.


== Setup Encryption ==
== Setup Encryption ==
Create /etc/hostapd/wpa_psk (with 600 permissions) and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use:
Edit /etc/hostapd/hostapd.wpa_psk and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use (remove keys that you don't want to use):
00:00:00:00:00:00 PASSPHRASE
00:00:00:00:00:00 PASSPHRASE


== Setup hostapd ==
== Setup hostapd ==


Create /etc/hostapd/hostapd.conf (replacing madwifi, SecureSSID with appropriate entries).:
Edit /etc/hostapd/hostapd.conf and make the necessary changes such as interface, bridge, driver, ssid, etc.
  interface=ath0
Example file below:
  interface=wlan0
  bridge=br0
  bridge=br0
  driver=madwifi
  driver=hostap
  logger_syslog=-1
  logger_syslog=-1
  logger_syslog_level=2
  logger_syslog_level=2
Line 42: Line 47:
  eap_server=0
  eap_server=0
  wpa=3
  wpa=3
  wpa_psk_file=/etc/hostapd/wpa_psk
  wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
  wpa_key_mgmt=WPA-PSK
  wpa_key_mgmt=WPA-PSK
  wpa_pairwise=CCMP
  wpa_pairwise=CCMP
If you wish to use MAC address filtering, uncomment the above 2 lines, create /etc/hostapd/accept (with 600 permissions) and add the allowed clients' MAC address to the file.<br />
If you wish to use MAC address filtering, uncomment the lines starting with macaddr_acl and accept_mac_file, create /etc/hostapd/accept (with permissions set to 600) and add the allowed clients' MAC address to the file.<br />
 
Start hostapd.
Start hostapd.
/etc/init.d/hostapd start
 
{{Cmd|rc-service hostapd start}}


== Associate clients ==
== Associate clients ==
Depending on the client OS software, either just associate the client, or once again see google :).
Associate a few clients to test.
 
== See also ==
* [[Wireless AP with udhcpd and NAT]]
* [[Raspberry Pi 3 - Configuring it as wireless access point -AP Mode]]
 
[[Category:Networking]]

Latest revision as of 10:26, 17 November 2023

This material is work-in-progress ...

Do not follow instructions here until this notice is removed.
(Last edited by Sertonix on 17 Nov 2023.)

Install needed packages

apk add bridge hostapd wireless-tools wpa_supplicant

Check that the card is detected

Run cat /proc/net/dev to see which cards are detected. If no cards are available, check what driver the card uses and modprobe it. Check that the card is in master mode.

Setup Bridge

Setup the bridge by editing /etc/network/interfaces. Assuming you wish to bridge the access point to the ethernet device eth0, you can add something like this:

auto br0
iface br0 inet dhcp
  hostname alpine
  bridge-ports eth0

Comment out any existing lines configuring eth0 as this should now be handled via the bridge configuration. It is not necessary to mention wlan0 here, as hostapd will take care of adding the device to the bridge later.

Please see Bridge for more information on network bridges.

Setup Encryption

Edit /etc/hostapd/hostapd.wpa_psk and insert the following, replacing PASSPHRASE with the WPA_PSK key you would like to use (remove keys that you don't want to use):

00:00:00:00:00:00 PASSPHRASE

Setup hostapd

Edit /etc/hostapd/hostapd.conf and make the necessary changes such as interface, bridge, driver, ssid, etc. Example file below:

interface=wlan0
bridge=br0
driver=hostap
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=0
dump_file=/tmp/hostapd.dump
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=SecureSSID
#macaddr_acl=1
#accept_mac_file=/etc/hostapd/accept
auth_algs=3
eapol_key_index_workaround=0
eap_server=0
wpa=3
wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP

If you wish to use MAC address filtering, uncomment the lines starting with macaddr_acl and accept_mac_file, create /etc/hostapd/accept (with permissions set to 600) and add the allowed clients' MAC address to the file.

Start hostapd.

rc-service hostapd start

Associate clients

Associate a few clients to test.

See also