Ubuntu – How to create a non-adhoc wifi hotspot

adhochostapdnetwork-bridgenetwork-managerwireless-access-point

I wanted to use my desktop with a wired ethernet connection (eth0) to operate my "TP-LINK TL-WN722N" USB Wifi Adapter (wlan0) as a non-adhoc (infrastructure mode) access point for my Android to connect to.

After MUCH searching, I finally found a method (spread across many websites) that does most of what I need…

Dependencies:

 hostapd
 bridge-utils

I modified "/etc/network/interfaces"

sudo gedit /etc/network/interfaces

to contain:

# This file describes the network interfaces available on your system
# and how to activate them.

auto lo br0
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet manual

allow-hotplug wlan0
iface wlan0 inet manual

# Bridge setup

# for dhcp address
iface br0 inet dhcp
bridge_ports eth0 wlan0

# for static ip
# iface br0 inet static
# bridge_ports eth0 wlan0
# adapt with your network settings
# address 192.168.1.250
# netmask 255.255.255.0
# network 192.168.1.0
# broadcast 192.168.1.255
# gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package, if installed
# dns-nameservers 192.168.1.1
# dns-search localdomain

### Reference ###

# Creating a Wireless Access Point with Debian Linux « Agent Oss (October 31, 2011)
# https://agentoss.wordpress.com/2011/10/31/creating-a-wireless-access-point-with-debian-linux/

My "/etc/hostapd/hostapd.conf" (which I somehow managed to put together myself)

sudo gedit /etc/hostapd/hostapd.conf

contains:

 ### Guts ###

 interface=wlan0
 bridge=br0
 driver=nl80211

 ### General ###

 ssid=____________________
 hw_mode=g
 channel=1

 ### Security ###

 macaddr_acl=0
 auth_algs=1
 ignore_broadcast_ssid=0     ## 0 visible # 1 hidden ##
 wpa=2
 wpa_passphrase=____________________
 wpa_key_mgmt=WPA-PSK
 wpa_pairwise=TKIP
 rsn_pairwise=CCMP

 ### Reference ###

 ## Created Tuesday, February 14, 2012 ## Ubuntu 11.10/12.04 ##

 # Hostapd Linux Documentation Page
 # http://linuxwireless.org/en/users/Documentation/hostapd

 # Creating a Network Bridge on Ubuntu (January 16th, 2011)
 # http://webserver.linuxportal.nl/?p=422

(I've edited out the security bits for this post)

All of that allows me to open up a Terminal and execute:

 sudo hostapd -B /etc/hostapd/hostapd.conf

to have a functioning access point that my Android and all other WiFi devices can connect to.

Aside from sharing this method with others since info for this setup is so sparse; there are three problems that would be nice to fix:

  1. This configuration deactivates network manager and all of its functions. When you click it, it gives a "device not managed" message. (not essential, but a bit annoying to me)
  2. This method can struggle with IP addresses from time to time.
  3. I must use a terminal to turn on Wifi. (Ok for me, but not family friendly). I figured out how to make a launcher using gksu and a simple script
    if anyone needs one…

Launching wifi/Hostapd without a terminal

  1. (Why can't network manager do this out-of-the-box??)

Thanks in advance! I hope all of this can help someone else; I've never written a tutorial before and know virtually nothing about networking…

Perhaps related to network bridge – without destroying network manager (among others).

Tested using Ubuntu 11.10, 12.04.

Best Answer

I'm not sure about how to do this without clobbering NM, but it is possible to run automatically at boot and get IP addresses to assign easily (at least I have managed this with the same wireless card). This requires the packages hostapd and dnsmasq (not dnsmasq-base)

/etc/hostapd/hostapd.conf:

interface=wlan0
driver=nl80211 # This works on my TL-WN722N

ssid=______

channel=6
hw_mode=g

auth_algs=1
wpa=3
wpa_passphrase=_____
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP

/etc/default/hostapd:

# Defaults for hostapd initscript
#
# See /usr/share/doc/hostapd/README.Debian for information about alternative
# methods of managing hostapd.
#
# Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration
# file and hostapd will be started during system boot. An example configuration
# file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz
#
DAEMON_CONF="/etc/hostapd/hostapd.conf"

# Additional daemon options to be appended to hostapd command:-
#   -d   show more debug messages (-dd for even more)
#   -K   include key data in debug messages
#   -t   include timestamps in some debug messages
#
# Note that -B (daemon mode) and -P (pidfile) options are automatically
# configured by the init.d script and must not be added to DAEMON_OPTS.
#
#DAEMON_OPTS=""

/etc/dnsmasq.conf (diff against maintainer's version):

--- /etc/dnsmasq.conf.dpkg-dist 2011-09-20 00:28:30.000000000 +0100
+++ /etc/dnsmasq.conf   2012-02-13 21:03:03.713554612 +0000
@@ -82,7 +82,7 @@
 # specified interfaces (and the loopback) give the name of the
 # interface (eg eth0) here.
 # Repeat the line for more than one interface.
-#interface=
+interface=wlan0
 # Or you can specify which interface _not_ to listen on
 #except-interface=
 # Or which to listen on by address (remember to include 127.0.0.1 if
@@ -133,7 +133,7 @@
 # a lease time. If you have more than one network, you will need to
 # repeat this for each network on which you want to supply DHCP
 # service.
-#dhcp-range=192.168.0.50,192.168.0.150,12h
+dhcp-range=192.168.3.10,192.168.3.49,12h

 # This is an example of a DHCP range where the netmask is given. This
 # is needed for networks we reach the dnsmasq DHCP server via a relay

/etc/network/interfaces:

auto lo
iface lo inet loopback

auto wlan0
iface wlan0 inet static
    address 192.168.3.1/24
    broadcast 192.168.3.255

/etc/sysctl.conf patch (run sudo sysctl -p /etc/sysctl.conf after changing):

--- sysctl.conf 2012-05-14 18:06:57.514873009 +0100
+++ /etc/sysctl.conf    2012-05-14 18:09:27.122876525 +0100
@@ -25,7 +25,7 @@
 #net.ipv4.tcp_syncookies=1

 # Uncomment the next line to enable packet forwarding for IPv4
-#net.ipv4.ip_forward=1
+net.ipv4.ip_forward=1

 # Uncomment the next line to enable packet forwarding for IPv6
 #  Enabling this option disables Stateless Address Autoconfiguration

Finally, set up NAT in iptables:

sudo iptables -A FORWARD -o eth0 -i eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A POSTROUTING -t nat -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables.sav

and add iptables-restore < /etc/iptables.sav above exit 0 in /etc/rc.local.

This setup was mostly implemented by reading this howto and staring at man pages scratching my head.

Related Question