RaspberryPi/Hotspot
From charlesreid1
This page covers the use of a Raspberry Pi to act as an AP/Wifi hotspot.
The basic steps covered here are:
- Install software for DNS, DHCP, and AP-hosting
- Configure DHCP
- Configure DNS
Install Software
Install DNS, DHCP, and AP-hosting software:
sudo apt install dnsmasq dhcpcd5 hostapd
Set up DHCP
For dhcp we'll use the dhcpcd utility.
Edit dhcpcd config file
Edit /etc/dhcpcd.conf
and modify it to contain this:
interface wlan1 static ip_address=192.168.4.1/24 nohook wpa_supplicant
replace wlan1 with whatever interface you want to use.
Restart dhcpcd service
sudo service dhcpcd restart
DNS
DNS is handled by the dnsmasq utility.
Edit dnsmmasq config file
Edit the dnsmasq config file /etc/dnsmasq.conf
, which determines what range of IP addresses will be handed out and for how long. Modify it to contain this:
interface=wlan1 dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
This will hand out IPs starting at 192.168.4.2 and ending at 192.168.4.20, lasting for 24 hours lease time.
Modify wlan0 to whatever interface you are using to provide the wifi network.
Restart dnsmasq service
If you are installing dnsmasq fresh, enable then start the service:
sudo systemctl enable dnsmasq sudo systemctl start dnsmasq
or reload/restart the service:
sudo systemctl reload dnsmasq
Troubleshooting
Preferred DNS Resolver
Was experiencing problems with reaching the wider internet because of DNS problems:
ping: google.com: Temporary failure in name resolution
Solved this by doing the following:
Following this comment I tried to figure out what was happening with /etc/resolv.conf
.
On my system it was a link, to something in /etc/resolvconf/...
. I discovered there was a service called resolvconf
by running service --status-all
.
I disabled the resolvconf
service by running the command:
service disable resolvconf
then remove the existing file at /etc/resolv.conf
(we will replace it with our own one-line file):
rm -f /etc/resolv.conf
Now edit that file
vim /etc/resolv.conf
paste the contents
nameserver 1.1.1.1 nameserver 8.8.8.8
or whatever other nameservers you want to use.
Host an AP
We use hostapd to create the necessary infrastructure to host an access point.
Edit hostapd config file
Now modify the file /etc/hostapd/hostapd.conf
to configure hostapd. Modify the contents to the following:
interface=wlan0 driver=nl80211 ssid=MyLittlePony hw_mode=g channel=7 wmm_enabled=0 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0 wpa=2 wpa_passphrase=AardvarkBadgerHedgehog wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP
Note values for hw_mode
are:
- a = IEEE 802.11a (5 GHz)
- b = IEEE 802.11b (2.4 GHz)
- g = IEEE 802.11g (2.4 GHz)
Specify location of hostapd file
Modify the file /etc/default/hostapd
to read:
DAEMON_CONF="/etc/hostapd/hostapd.conf"
Restart hostapd
sudo systemctl unmask hostapd sudo systemctl enable hostapd sudo systemctl start hostapd
Check status and ensure running ok:
sudo systemctl status hostapd sudo systemctl status dnsmasq
Troubleshooting hostapd
If something fails it will probably be on the start step:
$ sudo systemctl start hostapd Job for hostapd.service failed because the control process exited with error code. See "systemctl status hostapd.service" and "journalctl -xe" for details.
Strategy for Debugging
For startup problems, you'll use journalctl -xe
or your syslog to find the errors.
If hostapd is up and running okay, then you can debug problems with it using the following procedure. In one window, run this command to run hostapd in the foreground:
hostapd -d /etc/hostapd/hostapd.conf
In another window, monitor the system log:
tail -f /var/log/syslog
Now try connecting to the wifi access point that you created. This should generate some useful/interesting events in the log.
Link is not ready/Driver initialization failed
This is a problem that happens before hostapd starts. Here is the problem I encountered:
-- Logs begin at Thu 2019-02-14 10:12:02 UTC, end at Sun 2019-11-24 09:30:31 UTC. -- Nov 24 09:27:18 raspberry-pi hostapd[1225]: nl80211: deinit ifname=wlan1 disabled_11b_rates=0 Nov 24 09:27:18 raspberry-pi NetworkManager[154]: <info> [1574587638.4191] device (wlan1): supplicant interface state: inactive -> disabled Nov 24 09:27:18 raspberry-pi kernel: IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready Nov 24 09:27:18 raspberry-pi NetworkManager[154]: <info> [1574587638.8258] device (wlan1): supplicant interface state: disabled -> inactive Nov 24 09:27:18 raspberry-pi hostapd[1225]: nl80211 driver initialization failed. Nov 24 09:27:18 raspberry-pi hostapd[1225]: wlan1: interface state UNINITIALIZED->DISABLED Nov 24 09:27:18 raspberry-pi hostapd[1225]: wlan1: AP-DISABLED Nov 24 09:27:18 raspberry-pi hostapd[1225]: wlan1: CTRL-EVENT-TERMINATING Nov 24 09:27:18 raspberry-pi hostapd[1225]: hostapd_free_hapd_data: Interface wlan1 wasn't started Nov 24 09:27:18 raspberry-pi systemd[1]: hostapd.service: Control process exited, code=exited, status=1/FAILURE
The solution to the problem is to bring down the wlan1 interface, disable the network manager, and then start hostapd.
service hostapd stop service network-manager stop ifconfig wlan1 down rfkill unblock wlan service hostapd stop service hostapd start
Cannot open PID file
Another error I encountered was hostapd not being able to open PID file:
$ journalctl -xe Nov 24 09:38:50 raspberry-pi hostapd[1708]: Configuration file: /etc/hostapd/hostapd.conf Nov 24 09:38:50 raspberry-pi kernel: IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready Nov 24 09:38:50 raspberry-pi hostapd[1708]: Using interface wlan1 with hwaddr 36:28:03:71:17:5b and ssid "MyLittlePony" Nov 24 09:38:51 raspberry-pi kernel: IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready Nov 24 09:38:51 raspberry-pi hostapd[1708]: wlan1: interface state UNINITIALIZED->ENABLED Nov 24 09:38:51 raspberry-pi hostapd[1708]: wlan1: AP-ENABLED Nov 24 09:38:51 raspberry-pi systemd[1]: hostapd.service: Can't open PID file /run/hostapd.pid (yet?) after start: No such file or directory Nov 24 09:38:51 raspberry-pi systemd[1]: Started Advanced IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator.
Packet received on interface that has no address
Problem with error message "DHCP packet received on wlan1 which has no address":
Nov 24 10:04:33 raspberry-pi hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: authenticated Nov 24 10:04:33 raspberry-pi hostapd: wlan1: STA d0:04:01:81:88:00 IEEE 802.11: associated (aid 1) Nov 24 10:04:33 raspberry-pi hostapd: wlan1: STA d0:04:01:81:88:00 RADIUS: starting accounting session BB7B0D32203238F1 Nov 24 10:04:33 raspberry-pi hostapd: wlan1: STA d0:04:01:81:88:00 WPA: pairwise key handshake completed (RSN) Nov 24 10:04:33 raspberry-pi dnsmasq-dhcp[1023]: DHCP packet received on wlan1 which has no address Nov 24 10:04:35 raspberry-pi dnsmasq-dhcp[1023]: DHCP packet received on wlan1 which has no address Nov 24 10:04:39 raspberry-pi dnsmasq-dhcp[1023]: DHCP packet received on wlan1 which has no address Nov 24 10:04:48 raspberry-pi dnsmasq-dhcp[1023]: DHCP packet received on wlan1 which has no address Nov 24 10:05:02 raspberry-pi CRON[1817]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1) Nov 24 10:05:04 raspberry-pi dnsmasq-dhcp[1023]: DHCP packet received on wlan1 which has no address
Underlying issue was with DHCP not working. I was able to see the wifi AP being broadcast, and try to connect to it, but was failing to get assigned an IP address. This was an indication the problem was with the DHCP service.
Turns out, it wasn't running. To start the DHCP service:
service dhcpcd restart
Next Steps
- RaspberryPi/OpenVPN for setting up OpenVPN on the Raspberry Pi
References
Links
Flags
Networking pages and notes about computer networks.
Man in the Middle attack vectors on wired networks: Man in the Middle/Wired Packet analysis with Wireshark: Packet Analysis Linux networking: Linux/Networking
Using Aircrack: Aircrack Many Ways to Crack a Wifi: Cracking Wifi
Linux/Networking · Linux/SSH · Linux/File Server
Notes on OpenVPN: OpenVPN Setting Up a Static Key VPN: OpenVPN/Static Key
Domain Name Servers: DNS · Linux/DNS IP Version 6: IPv6
Wireshark · SSH · Stunnel · Tor · Ettercap · Aircrack · Tcpdump
Tunnels · HTTP and HTTPS · SSH Tunnels · Linux/SSH
|
Wireless all things wireless.
Networking:
Software:
|