처음‎ > ‎지식기반‎ > ‎

RPi: Access Point Mode

  • 필요한 package들을 설치한다.
    sudo apt-get install iw
  • 부착한 USB wifi 동글이 AP (access point) 모드를 지원하는지 확인한다.
    iw list
    Supported interface modes:
    * AP
  • 확인이 안되는 경우 lsmod 명령을 실행 해서 'mac80211' 모듈이 로딩 되어 있는지를 확인 한다.
  • 지원이 확인 되면 필요한 package를 설치 한다.
    sudo apt-get install hostapd dnsmasq
  • wifi 장치에 고정IP를 할당한다.
    sudo nano /etc/network/interfaces

    /etc/network/interfaces

    iface wlan0 inet static
        address 10.0.0.1
        netmask 255.255.255.0
  • hostapd의 설정파일을 만든다.
    sudo nano /etc/hostapd/hostapd.conf

    /etc/hostapd/hostapd.conf

    # First we configure the interface we'll be listening on
    # The interface to listen on
    interface=wlan0
    #driver=nl80211
    # The driver that is being used by the WiFi adapter, this could be different for everyone
    ctrl_interface=/var/run/hostapd
    # These 2 are just parameters so that the hostap daemon runs.
    ctrl_interface_group=0


    # Now onto the important WiFi configuration
    ssid=RaspAP
    # First up, the SSID or Network name. This is what other devices will see when they try to connect.
    hw_mode=g
    # I'm setting this to Wireless G mode. A, B, and G are available here.
    channel=8
    # This is setting the channel that the WiFi is on, valid channels are from 1-11, or 1-14 depending on location.


    # Wifi Security Settings
    wpa=2 # This sets the security settings to WPA2
    wpa_psk=928519398acf811e96f5dcac68a11d6aa876140599be3dd49612e760a2aaac0e
    # The line above sets the wpa passphrase to "raspiwlan", this is obtained via the wpa_passphrase command.
    # However, you can also set a passphrase like the line below.
    #wpa_passphrase=raspiwlan


    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=CCMP
    rsn_pairwise=CCMP
    # I've set these to WPA-PSK to indicate that we are using a Pre-Shared Key with CCMP encryption.
    # Otherwise, hostapd also has a built in RADIUS server that we can use for authentcation
    # But I'll leave that to another post.


    # Other settings
    # This sets how often the WiFi will send a beacon out.
    beacon_int=100
    auth_algs=3
    wmm_enabled=1
  • 설정파일을 인식 시킨다.
    sudo nano /etc/default/hostapd

    /etc/default/hostapd

    DAEMON_CONF="/etc/hostapd/hostapd.conf"
  • dnsmasq 설정파일을 수정한다.
    sudo nano /etc/dnsmasq.conf

    /etc/dnsmasq.conf

    # To get dnsmasq to listen only on wlan0.interface=wlan0
    # This sets the available range from 10.0.0.2 to 10.0.0.5
    dhcp-range=10.0.0.2,10.0.0.5,255.255.255.0,12h
    # It also sets the subnet mask to 255.255.255.0 and specifies a lease time of 12 hours.
  • 연결을 확인한다.
연결은 되었지만 ....
  • package forwarding을 준비 한다.
    sudo nano /etc/sysctl.conf

    /etc/sysctl.conf

    net.ipv4.ip_forward=1
  • 설정파일을 다시 읽어 들인다.
    sudo sysctl -p
  • iptables을 설치 한다.
    sudo apt-get install iptables
  • dnsmasq.conf를 설정한다

    /etc/dnsmasq.conf

    dhcp-option=3,10.0.0.1
  • router 실행파일을 작성 한다.
    sudo nano /etc/network/if-up.d/router

    /etc/network/if-up.d/router

    #!/bin/sh
    iptables -F
    iptables -X


    iptables -A INPUT -i lo -j ACCEPT
    iptables -A OUTPUT -o lo -j ACCEPT
    iptables -A INPUT -i wlan0 -j ACCEPT
    iptables -A OUTPUT -o wlan0 -j ACCEPT


    iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
    iptables -A FORWARD -i wlan0 -j ACCEPT
  • 파일 속성을 '실행'으로 변경 한다.
    chmod +x /etc/network/if-up.d/router
  • 파일을 실행 시킨다.
    sudo /etc/network/if-up.d/router
  • wlan0의 IP할당 문제를 해결 한다.
    sudo nano /etc/default/ifplugd

    /etc/default/ifplugd

    INTERFACES="eth0"
    HOTPLUG_INTERFACES="eth0"
    ARGS="-q -f -u0 -d10 -w -I"
    SUSPEND_ACTION="stop"

이제 적당한 Web GUI를 찾아 사용한다.

Addendum A: wlan0 to wlan1 forwarding

/etc/network/interfaces

auto lo

iface lo inet loopback
iface eth0 inet dhcp

allow-hotplug wlan0
iface wlan0 inet static
        address 10.0.2.1
        netmask 255.255.255.0

auto wlan1
allow-hotplug wlan1
iface wlan1 inet dhcp
  wpa-driver wext
  wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

/etc/wpa_supplicant/wpa_supplicant.conf

update_config=1
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
eapol_version=1
ap_scan=2

network={
   ssid="..."
   scan_ssid=1
   mode=0
   proto=WPA2
   auth_alg=OPEN
   pairwise=CCMP
   group=CCMP
   key_mgmt=WPA-PSK
   psk="..."
priority=1 } network={ ssid="..."
scan_ssid=1 mode=0 proto=WPA2 auth_alg=OPEN pairwise=CCMP group=CCMP key_mgmt=WPA-PSK psk="..."
priority=0 } # network={ # ssid="" # key_mgmt=NONE #}

/etc/network/if-up.d/router

#!/bin/sh
iptables -F
iptables -X

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -i wlan0 -j ACCEPT
iptables -A OUTPUT -o wlan0 -j ACCEPT

iptables -A POSTROUTING -t nat -o wlan1 -j MASQUERADE
iptables -A FORWARD -i wlan0 -j ACCEPT

References

Comments