- hostapd
- dnsmasq
- ntop
- iptables
Manually manage the wireless interface.
/etc/NetworkManager/NetworkManager.conf
[keyfile]
unmanaged-devices=mac:8c:70:5a:ff:ed:a4
$ sudo ip link set up dev wlp3s0
$ sudo ip addr add 10.0.0.1/24 dev wlp3s0
/etc/hostapd/hostapd.conf
sid=YoanBlancAP
utf8_ssid=1
interface=wlp3s0
auth_algs=3
country_code=CH
channel=7
# Problem on windows?
#require_ht=0
driver=nl80211
hw_mode=g
logger_stdout=-1
logger_stdout_level=2
max_num_sta=5
rsn_pairwise=CCMP
# client isolation
ap_isolate=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TIKIP CCMP
wpa_passphrase=testtest
/etc/sysctl.d/hostap.conf
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.default.forwarding=1
iptables
$ sudo iptables-save > old.rules
$ sudo iptables-restore < old.rules
# DHCP
$ sudo iptables -I INPUT -p udp --dport 67 -i wlp3s0 -j ACCEPT
# DNS
$ sudo iptables -I INPUT -p udp --dport 53 -s 10.0.0.0/24 -j ACCEPT
$ sudo iptables -I INPUT -p tcp --dport 53 -s 10.0.0.0/24 -j ACCEPT
$ sudo iptables -t nat -A POSTROUTING -o enp0s26u1u2u4 -j MASQUERADE
$ sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
$ sudo iptables -A FORWARD -i wlp3s0 -o enp0s26u1u2u4 -j ACCEPT
dnsmasq
# /etc/dnsmasq.conf
listen-address=10.0.0.1
resolv-file=/etc/resolv.dnsmasq.conf
dhcp-range=10.0.0.10,10.0.0.200,12h
log-queries
log-dhcp
ntop
$ sudo ntop -W 4223 -i wlp3s0