RaspberryPi/Access Point: Difference between revisions
From charlesreid1
(Created page with "<!-- The steps for configuring the Raspberry Pi as a wireless access point are: Log in to the Raspberry Pi either directly or remotely. Use the apt-get install command to in...") |
No edit summary |
||
| Line 230: | Line 230: | ||
pi@raspberrypi ~ $ | pi@raspberrypi ~ $ | ||
Reboot: Reboot the system and the Raspberry Pi is a wireless access point! Look for the Raspi_AP network SSID and connect using the password (Pr0t3ct3d) that was defined in the hostapd configuration file (/etc/hostapd/hostapd.conf). | Reboot: Reboot the system and the Raspberry Pi is a wireless access point! Look for the Raspi_AP network SSID and connect using the password (Pr0t3ct3d) that was defined in the hostapd configuration file (/etc/hostapd/hostapd.conf). | ||
--> | |||
==How It Works== | |||
<!-- | |||
Check the wireless USB adapter | |||
Not all wireless USB adapters support Access Point (AP) mode. The iw list command is used to list the wireless capabilities of any attached wireless devices. If AP mode is supported, it will be listed in the section Supported interface modes. | |||
The output of the iw list command is quite long. The grep command is used to filter the output of the iw list command. A pipe (|) is used to connect the output of the iw list command to the input of the grep command. The grep command limits the output of other commands using a regular expression filter ('^[[:blank:]]*\* A' – from the beginning of the line ^ any number of blanks [[:blank:]]* followed by an asterisk \* followed by a space and the capital letter A). | |||
If the wireless adapter is not compatible with hostapd, the iw list command will display the message "nl80211 not found." There may still be a chance for the adapter to work with hostapd; however, it requires recompiling hostapd with another driver (see references at the end of the chapter). | |||
Once the wireless adapter has been tested and shown to support AP mode, configuration of the Raspberry Pi continues. | |||
Configure the DHCP server by using udhcpd | |||
The Dynamic Host Configuration Protocol (DHCP) server (udhcpd) assigns client computers network configuration information; such as the address of a DNS nameserver, an IP address, and a default route (or gateway). When this recipe is complete, the Raspberry Pi will configure its wireless clients using DCHP. | |||
Three changes are made to the DHCP configuration file (/etc/udhcpd.conf): | |||
The wireless interface is selected (wlan0) | |||
The remaining flag is set to support embedded devices (for example, Raspberry Pi) | |||
The default network parameters are defined for wireless clients | |||
The default network parameters are: | |||
dns – the DNS nameserver to use. The system DNS nameserver is defined in /etc/resolv.conf and is displayed in Step 5. | |||
subnet – how many IP addresses are part of the same network subnet. The value 255.255.255.0 is a net mask that matches computers with the same numbers in the first three bytes of the IP address. | |||
router – the static IP address of the Raspberry Pi's wireless interface (192.168.0.1). | |||
domain – the name of the network (local). | |||
lease – how long a network address will be assigned to a specific computer (864000 seconds or 10 days). | |||
The start and end parameters at the top of the configuration file by default are set to the range of IP values from 192.168.0.20 to 192.168.0.254. | |||
If the Raspberry Pi will always be attached to a wired network that has a network timeserver, the remaining time flag does not need to be set. | |||
After udhcpd has been configured, its boot script parameter file (/etc/default/udhcpd) also needs to be changed. The parameter DHCP_ENABLED="no" needs to be commented out (by placing a # at the beginning of the line), so that the DHCP server (udhcpd) is enabled. | |||
Configure the Wireless Access Point server by using hostapd | |||
The Wireless Access Point server (hostapd) manages the wireless connection between other wireless devices and the Raspberry Pi. This includes establishing a secure connection using an encryption protocol like Wi-Fi Protect Access (WPA); and setting the Service Set ID (SSID) and the pre-shared key (PSK). | |||
The created hostapd configuration parameter file includes: | |||
interface – the wireless interface (wlan0) | |||
ssid – the network ID (Raspi_AP) | |||
wpa_passphrase – the passphrase or pre-shared key (Pr0t3ct3d) | |||
driver – the wireless device driver (nl80211) | |||
hw_mode – the hardware mode (g) | |||
channel – the radio frequency channel (6) | |||
macaddr_acl – access control list (0) | |||
auth_algs – the authorization algorithm to use (1 – open auth) | |||
ignore_broadcast_ssid – enable broadcasting the network ID (0 – don't ignore broadcasting) | |||
wpa – which version of WPA (2) | |||
wpa_key_mgmt – which key manages algorithm (WPA-PSK) | |||
wpa_pairwise – WPA v1 data encryption (TKIP) | |||
rsn_pairwise – WPA v2 data encryption (CCMP) | |||
After hostapd has been configured, its boot script parameter file (/etc/default/hostapd) also needs to be changed. The parameter DAEMON_CONF needs to be set to the location of the hostapd configuration file (/etc/hostapd/hostapd.conf), so that the Wireless Access Point server is enabled. | |||
Set up IP Forwarding | |||
IP Forwarding is used to pass (forward) network traffic between network interfaces. In this recipe, IP Forwarding is used to pass network traffic between the wireless network and the wired network. Using IP Forwarding, the Raspberry Pi connects the clients of the wireless network to the wired network. | |||
The first configuration step is to enable IP Forwarding in the Raspberry Pi's Linux kernel. The kernel parameters file (/etc/sysctl.conf) has an IP Forwarding entry (net.ipv4.ip_forward=1) that is by default commented out. Uncommenting this entry, by removing the # at the beginning of the line, enables IP Forwarding in the Linux kernel. | |||
After IP Forwarding is enabled, the iptables command is used to define the net filter rules that determine which network packets are allowed to cross the Linux kernel's internal firewall. The Linux kernel's firewall organizes its rules into tables that define how network packets pass through the kernel. The iptables command is used to manage the rules stored in these tables. | |||
The first Linux kernel firewall rule define in this step is appended to the postprocessing rules (-A POSTROUTING) of the network address translation table (-t nat). This rule masquerades network packets (MASQUERADE) as they are passed to the wired network (-o eth0). The IP addresses of wireless network clients are translated into the IP address of the Raspberry Pi's wired network connection as they are passed to the wired network. This is how the network packets from multiple wireless network clients are translated so they can pass through the Raspberry Pi's single wired network connection. | |||
The second rule is appended to the packet forwarding rules (-A FORWARD) of the filter table (the default table). This rule allows (-j ACCEPT) network packets to be forwarded (-A FORWARDED) from the wired network (-i eth0) to the wireless network (-o wlan0) when they are related to an established connection (-m state –state RELATED,ESTABLISHED). | |||
The last iptables command rule in this step is appended to the forwarding rules of the filter table (-A FORWARD). This rule allows packets to pass from the wireless network (-i wlan0) to the wired network (-o eth0). | |||
The next command, ifconfig wlan0, sets the IP address of the Raspberry Pi's wireless network connection to 192.168.0.1. | |||
Finally, the iptables-save command is used to save a copy of these rules in a configuration file (/etc/iptables.ipv4.nat) that can be used during boot. | |||
After this step is complete, the IP Forwarding rules have been defined and saved in a configuration file. The IP Forwarding rules are also active. | |||
Configure the boot parameters | |||
The network interfaces definitions used during boot are stored in a configuration file (/etc/network/interfaces). The file defines the network address, network mask, and the default route for each network interface. | |||
The configuration file used in this recipe defines three network interfaces: | |||
lo – the loopback network | |||
eth0 – the wired network | |||
wlan0 – the wireless network | |||
The loopback interface (lo) is loaded automatically (auto). | |||
The wired interface interface's (eth0) is configured dynamically using the DHCP protocol. | |||
The wireless interface (wlan0) has a static definition (static) – it is in this file. The wireless interface's IP address is defined to be 192.168.0.1. The interface's defined network mask (255.255.255.0) is big enough to support 256 unique addresses on the same subnet. | |||
After the network interfaces are brought up (up), the IP Forwarding definitions (/etc/iptables.ipv4.nat) are restored (iptables-restore) that were saved earlier in this recipe (using iptables-save). | |||
Once the network interface definitions have been saved, the network can be started. | |||
Start the wireless access point | |||
Now that the configuration files have been updated: | |||
wireless access point (/etc/hostapd/hostapd.conf) | |||
dynamic host configuration protocol (/etc/udhcpd.conf) | |||
network interfaces (/etc/network/interfaces) | |||
IP Forwarding definitions (/etc/iptables.ipv4.nat) | |||
The boot scripts for the wireless access point daemon (hostapd) and the dynamic host configuration protocol daemon (udhcp) can be enabled (update-rc.d enable). | |||
The Raspberry Pi will now become a wireless access point every time it boots! | |||
After the Raspberry Pi reboots, the wireless access point is ready to use! Wireless devices can now connect to the Raspberry Pi using your chosen SSID (Raspi_AP) and passphrase (Pr0t3ct3d). | |||
Create Bookmark | |||
There's more… | |||
Not all USB wireless adapters support AP mode | |||
There are a limited number of wireless USB adapters that can work with the Raspberry Pi and can also be configured as wireless access points. The links at the end of this chapter can be used to find current wireless USB adapters that can be used together with the Raspberry Pi to create a wireless access point (see Other Resources). | |||
Some wireless USB adapters consume more power than the Raspberry Pi can support consistently on a continual basis. Connecting the wireless USB adapter to the Raspberry Pi indirectly via a USB hub will lead to better performance and reduce the likelihood that other USB devices (like the onboard network card!) will be starved for power. | |||
Wireless firewall, file server, or web server | |||
This recipe works well when combined with other recipes in this book. | |||
Together with the file-sharing recipes in Chapter 4, File Sharing, the Raspberry Pi could become a file server for both wired and wireless devices connected to the local network – for exchanging document and media files; or for backup and storage. | |||
When combined with other advanced networking recipes in this chapter, the Raspberry Pi could become a network firewall, protecting wireless access to a wired network; a teaching or support tool with remote access to desktop devices; a communication tool that serves web pages; or a collaboration tool that hosts wiki pages. | |||
Within the Raspberry Pi and open source GNU Linux community, there are numerous other tools and applications that could be combined with this recipe to turn the Raspberry Pi into a dynamic network hub for wireless devices. | |||
hostapd (http://en.wikipedia.org/wiki/Hostapd): This Wikipedia article about hostapd describes the service in more detail. | |||
hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator (http://w1.fi/hostapd/): The hostapd website is a complete reference for the server. | |||
Debian Linux Kernel Handbook (http://kernel-handbook.alioth.debian.org/): The Debian Linux Kernel Handbook has more information about how iptables work. | |||
Linux wireless (http://linuxwireless.org/): The Linux Wireless website has more information on using wireless devices with Linux. | |||
RPI-Wireless-Hotspot (http://elinux.org/RPI-Wireless-Hotspot): This is an article about wireless hotspots on the Embedded Linux website. | |||
USB Wi-Fi Adapters (http://elinux.org/RPi_VerifiedPeripherals#USB_Wi-Fi_Adapters): This is an article about Wi-Fi adapters on the Embedded Linux Wiki. | |||
Raspberry Pi Wi-Fi adapter testing (http://www.element14.com/community/docs/DOC-44703/l/raspberry-pi-wifi-adapter-testing): This is an article about tested wireless adapters on the Element14 Community website. | |||
--> | --> | ||
Revision as of 17:10, 17 March 2016