#!/bin/sh # Script to start/stop a hostapd-based access point # # Sample start call "control_ap start wlan0 eth0 encrypt" # Stop with "control_ap stop" # ENCRYPT=$4 case "$1" in start) if [ $# -le 2 ] then echo "Usage: $0 start AP_iface NET_iface " echo " Optional encrypt is wpa, wpa2, wep, or none. If not given, wpa2 is assumed" exit 1 fi if [ $# -eq 3 ] then ENCRYPT="wpa2" fi ;; stop) if [ $# -ne 1 ] then echo "Usage: $0 stop" exit 1 fi ;; *) echo "Usage:" echo "$0 start AP-iface net_iface " echo "or" echo "$0 stop" exit 1 ;; esac # Symbols for needed programs IPTABLES=/usr/sbin/iptables IFCONFIG=/usr/bin/ifconfig DHCPD=/sbin/dhcpd HOSTAPD=/home/finger/hostapd-2.9/hostapd/hostapd #HOSTAPD=/sbin/hostapd #HOSTAPD=/home/finger/hostapd-0.8/hostapd/hostapd OPT=-ddK NET_AP=$2 NET_EXT=$3 # First 3 octets of IP address for the AP AP_ADDR=192.168.0 # IP address for nameserver NAME_SERVER=8.8.8.8 # AP Channel, SSID, Encryption method, and Encryption secret AP_CHANNEL=6 AP_SSID=TEST-LARRY WPA_SECRET=TheSecret WEP_SECRET=123456789a case "$1" in start) echo "Starting AP mode for $NET_AP at address $AP_ADDR" # Disable packet forwarding echo 0 > /proc/sys/net/ipv4/ip_forward # Stop any existing hostapd and dhcpd daemons killproc hostapd killproc dhcpd #Set up forwarding $IPTABLES -t nat -A POSTROUTING -o $NET_EXT -j MASQUERADE $IPTABLES -A FORWARD -i $NET_EXT -o $NET_AP -m state \ --state RELATED,ESTABLISHED -j ACCEPT $IPTABLES -A FORWARD -i $NET_AP -o $NET_EXT -j ACCEPT # Enable packet forwarding echo 1 > /proc/sys/net/ipv4/ip_forward # Get the AP interface in the right state $IFCONFIG $NET_AP down $IFCONFIG $NET_AP up $IFCONFIG $NET_AP $AP_ADDR.1 # dhcpd needs to have a leases file available - create it if needed if [ ! -f /var/lib/dhcp/db/dhcpd.leases ]; then touch /var/lib/dhcp/db/dhcpd.leases fi # Write the DHCP server configuration file echo "option domain-name-servers $NAME_SERVER;" > ~/dhcpd.conf echo "default-lease-time 600;" >> ~/dhcpd.conf echo "max-lease-time 7200;" >> ~/dhcpd.conf echo "ddns-update-style none; ddns-updates off;" >> ~/dhcpd.conf echo "subnet $AP_ADDR.0 netmask 255.255.255.0 {" >> ~/dhcpd.conf echo " range $AP_ADDR.200 $AP_ADDR.229;" >> ~/dhcpd.conf echo " option subnet-mask 255.255.255.0;" >> ~/dhcpd.conf echo " option broadcast-address $AP_ADDR.255;" >> ~/dhcpd.conf echo " option routers $AP_ADDR.1;" >> ~/dhcpd.conf echo "}" >> ~/dhcpd.conf $DHCPD -cf ~/dhcpd.conf $NET_AP # Write the hostapd configuration file echo "interface=$NET_AP" > ~/hostapd.conf echo "driver=nl80211" >> ~/hostapd.conf # echo "driver=rtl871x" >> ~/hostapd.conf echo "hw_mode=g" >> ~/hostapd.conf echo "channel=$AP_CHANNEL" >> ~/hostapd.conf case "$ENCRYPT" in "wpa") echo "Setting up wpa" echo "wpa=1" >> ~/hostapd.conf echo "wpa_key_mgmt=WPA-PSK" >> ~/hostapd.conf echo "wpa_pairwise=TKIP" >> ~/hostapd.conf echo "wpa_passphrase=$WPA_SECRET" >> ~/hostapd.conf echo "ssid=$AP_SSID-wpa" >> ~/hostapd.conf ;; "wpa2") echo "Setting up wpa2" echo "wpa=2" >> ~/hostapd.conf # echo "wpa_key_mgmt=WPA-PSK" >> ~/hostapd.conf echo "wpa_pairwise=CCMP" >> ~/hostapd.conf echo "rsn_pairwise=CCMP" >> ~/hostapd.conf echo "wpa_passphrase=$WPA_SECRET" >> ~/hostapd.conf echo "ssid=$AP_SSID-wpa2" >> ~/hostapd.conf ;; "wep") echo "Setting up wep" echo "wep_default_key=0" >> ~/hostapd.conf echo "wep_key0=$WEP_SECRET" >> ~/hostapd.conf echo "ssid=$AP_SSID-wep" >> ~/hostapd.conf ;; "none") echo "No encryption" echo "ssid=$AP_SSID" >> ~/hostapd.conf ;; *) echo "Improper value for encryption" exit 1 ;; esac # echo "ssid=$AP_SSID" >> ~/hostapd.conf echo "beacon_int=100" >> ~/hostapd.conf echo "dtim_period=2" >> ~/hostapd.conf echo "max_num_sta=20" >> ~/hostapd.conf echo "rts_threshold=2347" >> ~/hostapd.conf echo "fragm_threshold=2346" >> ~/hostapd.conf echo "preamble=1" >> ~/hostapd.conf echo "macaddr_acl=0" >> ~/hostapd.conf echo "auth_algs=1" >> ~/hostapd.conf echo "ignore_broadcast_ssid=0" >> ~/hostapd.conf echo "wmm_enabled=1" >> ~/hostapd.conf echo "wmm_ac_bk_cwmin=4" >> ~/hostapd.conf echo "wmm_ac_bk_cwmax=10" >> ~/hostapd.conf echo "wmm_ac_bk_aifs=7" >> ~/hostapd.conf echo "wmm_ac_bk_txop_limit=0" >> ~/hostapd.conf echo "wmm_ac_bk_acm=0" >> ~/hostapd.conf echo "wmm_ac_be_aifs=3" >> ~/hostapd.conf echo "wmm_ac_be_cwmin=4" >> ~/hostapd.conf echo "wmm_ac_be_cwmax=10" >> ~/hostapd.conf echo "wmm_ac_be_txop_limit=0" >> ~/hostapd.conf echo "wmm_ac_be_acm=0" >> ~/hostapd.conf echo "wmm_ac_vi_aifs=2" >> ~/hostapd.conf echo "wmm_ac_vi_cwmin=3" >> ~/hostapd.conf echo "wmm_ac_vi_cwmax=4" >> ~/hostapd.conf echo "wmm_ac_vi_txop_limit=94" >> ~/hostapd.conf echo "wmm_ac_vi_acm=0" >> ~/hostapd.conf echo "wmm_ac_vo_aifs=2" >> ~/hostapd.conf echo "wmm_ac_vo_cwmin=2" >> ~/hostapd.conf echo "wmm_ac_vo_cwmax=3" >> ~/hostapd.conf echo "wmm_ac_vo_txop_limit=47" >> ~/hostapd.conf echo "wmm_ac_vo_acm=0" >> ~/hostapd.conf #echo "ieee80211n=1" >> ~/hostapd.conf #echo "ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40]" >> ~/hostapd.conf echo "logger_syslog=-1" >> ~/hostapd.conf echo "logger_syslog_level=0" >> ~/hostapd.conf echo "logger_stdout=-1" >> ~/hostapd.conf echo "logger_stdout_level=0" >> ~/hostapd.conf echo "ctrl_interface=/var/run/hostapd" >> ~/hostapd.conf echo "ctrl_interface_group=0" >> ~/hostapd.conf # Bring up hostapd $HOSTAPD $OPT -B -dd ~/hostapd.conf ;; stop) echo "Stopping AP mode" # Stop hostapd and dhcpd daemons killproc hostapd killproc dhcpd # rm -f ~/hostapd.conf rm -f ~/dhcpd.conf ;; esac