hostapdstart.sh

hostapdstart.sh

#!/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# 1. Add virtual interface

echo "-> Adding Virtual Interface wlan1"

iw dev wlan0 interface add wlan1 type __ap
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi

# Restart dnsmasq
echo "-> Restarting dnsmasq"
/etc/init.d/dnsmasq restart
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi

# Turn on IP Forwarding (which is disabled by default)
echo "-> Turning ON IP Forwarding"
sysctl net.ipv4.ip_forward=1
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi

# Configure firewall for new Access Point
#
# In the NAT table (-t nat), Append a rule (-A) after routing
# (POSTROUTING) for all packets coming from source 192.168.50.xx
# (-s 192.168.50.0/24) and not going to destination 192.168.50.xx
# (! -d 192.168.50.0/24) which says to MASQUERADE the connection
# (-j MASQUERADE).
# Note: we are not doing ANY filtering here -
# We simply want to tell linux that all packets coming from
# our internal network should be made to look like they are coming
# from our dynamically assigned IP address obtained by our internet
# provider. Masquerade is the same as Source NAT but will automatically
# update the source IP address to the dynamically assigned IP address from provider.
echo "-> Adding NAT Rule"
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE

sysctl net.ipv4.ip_forward=1
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi

# Bring wlan1 interface up
echo "-> Bringing wlan1 up"
ifdown wlan1 && ifup wlan1
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi

# Start hostapd daemon for new access point using hostapd.conf file
# Note: use 'hostapd -dd' to debug more and view logs in /var/log/syslog
# hostapd /etc/hostapd/hostapd.conf
# service hostapd
echo "-> Starting hostapd"
/etc/init.d/hostapd start
if [ $? -eq 0 ]; then
   echo "OK"
else
    echo "FAIL"
fi