tkshnwesper/setup.sh

## setup.sh
sudo apt install dnsmasq hostapd -y

sudo echo "denyinterfaces wlan0" | sudo tee -a /etc/dhcpcd.conf

sudo tee /etc/network/interfaces.d/wlan0 << EOM
allow-hotplug wlan0
iface wlan0 inet static
    address 172.24.1.1
    netmask 255.255.255.0
    network 172.24.1.0
    broadcast 172.24.1.255
EOM

sudo service dhcpcd restart

sudo ifdown wlan0; sudo ifup wlan0

sudo tee /etc/hostapd/hostapd.conf << EOM
# This is the name of the WiFi interface we configured above
interface=wlan0
# Use the nl80211 driver with the brcmfmac driver
driver=nl80211
# This is the name of the network
ssid=Pi3-AP
# Use the 2.4GHz band
hw_mode=g
# Use channel 6
channel=6
# Enable 802.11n
ieee80211n=1
# Enable WMM
wmm_enabled=1
# Enable 40MHz channels with 20ns guard interval
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
# Accept all MAC addresses
macaddr_acl=0
# Use WPA authentication
auth_algs=1
# Require clients to know the network name
ignore_broadcast_ssid=0
# Use WPA2
wpa=2
# Use a pre-shared key
wpa_key_mgmt=WPA-PSK
# The network passphrase
wpa_passphrase=raspberry
# Use AES, instead of TKIP
rsn_pairwise=CCMP
EOM

sudo sed -i "s/^#DAEMON_CONF=\"\"/DAEMON_CONF=\"\/etc\/hostapd\/hostapd.conf\"/" /etc/default/hostapd

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

sudo tee /etc/dnsmasq.conf << EOM
interface=wlan0      # Use interface wlan0
listen-address=172.24.1.1 # Explicitly specify the address to listen on
bind-interfaces      # Bind to the interface to make sure we aren't sending things elsewhere
server=8.8.8.8       # Forward DNS requests to Google DNS
domain-needed        # Don't forward short names
bogus-priv           # Never forward addresses in the non-routed address spaces.
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time
dhcp-authoritative
EOM

sudo sed -i "s/^#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/" /etc/sysctl.conf

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

sudo sed -i "s/^exit 0$/sudo iptables-restore < \/etc\/iptables.ipv4.nat\nexit 0/" /etc/rc.local

sudo service hostapd start
sudo service dnsmasq start

sudo reboot
	sudo apt install dnsmasq hostapd -y

	sudo echo "denyinterfaces wlan0" \| sudo tee -a /etc/dhcpcd.conf

	sudo tee /etc/network/interfaces.d/wlan0 << EOM
	allow-hotplug wlan0
	iface wlan0 inet static
	address 172.24.1.1
	netmask 255.255.255.0
	network 172.24.1.0
	broadcast 172.24.1.255
	EOM

	sudo service dhcpcd restart

	sudo ifdown wlan0; sudo ifup wlan0

	sudo tee /etc/hostapd/hostapd.conf << EOM
	# This is the name of the WiFi interface we configured above
	interface=wlan0
	# Use the nl80211 driver with the brcmfmac driver
	driver=nl80211
	# This is the name of the network
	ssid=Pi3-AP
	# Use the 2.4GHz band
	hw_mode=g
	# Use channel 6
	channel=6
	# Enable 802.11n
	ieee80211n=1
	# Enable WMM
	wmm_enabled=1
	# Enable 40MHz channels with 20ns guard interval
	ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
	# Accept all MAC addresses
	macaddr_acl=0
	# Use WPA authentication
	auth_algs=1
	# Require clients to know the network name
	ignore_broadcast_ssid=0
	# Use WPA2
	wpa=2
	# Use a pre-shared key
	wpa_key_mgmt=WPA-PSK
	# The network passphrase
	wpa_passphrase=raspberry
	# Use AES, instead of TKIP
	rsn_pairwise=CCMP
	EOM

	sudo sed -i "s/^#DAEMON_CONF=\"\"/DAEMON_CONF=\"\/etc\/hostapd\/hostapd.conf\"/" /etc/default/hostapd

	sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

	sudo tee /etc/dnsmasq.conf << EOM
	interface=wlan0 # Use interface wlan0
	listen-address=172.24.1.1 # Explicitly specify the address to listen on
	bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere
	server=8.8.8.8 # Forward DNS requests to Google DNS
	domain-needed # Don't forward short names
	bogus-priv # Never forward addresses in the non-routed address spaces.
	dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time
	dhcp-authoritative
	EOM

	sudo sed -i "s/^#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/" /etc/sysctl.conf

	sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
	sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
	sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

	sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

	sudo sed -i "s/^exit 0$/sudo iptables-restore < \/etc\/iptables.ipv4.nat\nexit 0/" /etc/rc.local

	sudo service hostapd start
	sudo service dnsmasq start

	sudo reboot