Setting up a Raspberry Pi as a Wireless PPPoE router
ADSL PPPoE
Configuration with pppoeconf
PPPoE package installation
To check if the PPPoE package is installed,$ dpkg -s pppoeconf Package: pppoeconf Status: install ok installedIf the package is not installed,
sudo apt-get -y install pppoeconfTo configure the PPPoE,
sudo pppoeconfThe setting is saved in /etc/ppp/peers/dsl-provider
Manual connection control
- check the PPPoE log
plog
sudo poff
sudo pon dsl-provider
Exposing PPP Connections to the OS
In Ubuntu, interfaces maintained by the ifup and ifdown commands are defined in the /etc/network/interfaces file.Setting up a Raspberry Pi as a Wireless Access Point
Setting up a Raspberry Pi as an access point in a standalone network (NAT)
Check your WiFi card
- Get the name of your wifi card
ifconfig
iw list | grep AP
Supported interface modes:
* IBSS
* managed
* AP
Software
- hostapd
- install sudo apt-get install hostapd
- configure create the file /etc/hostapd/hostapd.conf with the follow content:
driver=nl80211 interface=wlan0 ssid=iot-gw # Bit fields of allowed authentication algorithms: # bit 0 = Open System Authentication # bit 1 = Shared Key Authentication (requires WEP) auth_algs=1 # Enable WPA. # bit0 = WPA # bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled) wpa=2 wpa_passphrase=12345678 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP channel=7
- 2.4 G
hw_mode=g wmm_enabled=0 macaddr_acl=0 ignore_broadcast_ssid=0
beacon_int=50 disassoc_low_ack=1hw_mode=g ht_capab=[HT40+][HT40-][SHORT-GI-40][RX-STBC1] ieee80211d=1 ieee80211n=1 require_ht=0 wmm_enabled=1Finally, edit /etc/default/hostapd to have the line:
DAEMON_CONF=/etc/hostapd/hostapd.conf
- install
sudo apt-get install dnsmasq
interface=wlan0 except-interface=eth0 # dhcp分發ip的範圍,以及每個ip的租約時間 dhcp-range=192.168.4.2,192.168.4.150,12h # DHCP requests on unknown leases from unknown hosts are not ignored. dhcp-authoritative no-hosts # 增加自定義hosts檔案位置 addn-hosts=/etc/hosts.dnsmasqWe set ‘no-hosts’ to avoid including all the entries in your hosts file in the DNS server, and instead set a separate file that will configure the DNS mapping for the machine hosting the AP. Make sure to create the file /etc/hosts.dnsmasq with the name of your computer:
192.168.4.1 gw.iot gw
Configure Network Manager to ignore test interfaces
Network Manager has a command line tool that can be used to see which interfaces it is controlling:nmcli dev statusIf you have network-manager configured to use your wifi card, you should disable auto-connect for all the wireless connections.
If Network Manager is not needed during testing, it can be shut off completely.
systemctl stop NetworkManagerThen, start it again:
systemctl start NetworkManager
Configure and restart network interface
- Configure the WiFi to use static IP
sudo ifconfig wlan0 192.168.4.1 up
sudo service dnsmasq start
sudo systemctl unmask hostapd sudo systemctl enable hostapd sudo systemctl start hostapd
sudo systemctl status hostapd sudo systemctl status dnsmasq sudo systemctl status dhcpd
Adding routing
- Enable packet forwarding To do it just this once, use
sudo sysctl -w net.ipv4.ip_forward=1Or,
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"To make it permanently , modify /etc/sysctl.conf as the following:
net.ipv4.ip_forward=1This will be applied on reboot or when you run
sysctl -p /etc/sysctl.conf
Adding IP masquerade
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADESave the iptables rule permanently,
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"Edit /etc/rc.local and add this just above "exit 0" :
iptables-restore < /etc/iptables.ipv4.nat
Test
- check server's status
- running
sudo systemctl status hostapd sudo systemctl status dnsmasq
sudo systemctl status dhcpd sudo systemctl status NetworkManager
$ cat /proc/sys/net/ipv4/ip_forward 1
$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default dlinkrouter 0.0.0.0 UG 202 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 202 0 0 eth0 192.168.4.0 0.0.0.0 255.255.255.0 U 303 0 0 wlan0
tail -f /var/log/syslog Oct 22 03:43:51 raspberrypi hostapd: wlan0: STA 04:0c:ce:d4:c0:14 IEEE 802.11: associated Oct 22 03:43:51 raspberrypi hostapd: wlan0: STA 04:0c:ce:d4:c0:14 RADIUS: starting accounting session F488B0C05B2285AD Oct 22 03:43:51 raspberrypi hostapd: wlan0: STA 04:0c:ce:d4:c0:14 WPA: pairwise key handshake completed (RSN) Oct 22 03:43:53 raspberrypi dnsmasq-dhcp[457]: DHCPREQUEST(wlan0) 192.168.4.61 04:0c:ce:d4:c0:14 Oct 22 03:43:53 raspberrypi dnsmasq-dhcp[457]: DHCPACK(wlan0) 192.168.4.61 04:0c:ce:d4:c0:14 Jerryteki-Air Oct 22 03:48:05 raspberrypi hostapd: wlan0: STA 04:0c:ce:d4:c0:14 WPA: group key handshake completed (RSN)sudo iw dev wlan0 station dump
WiFi debug
- WiFi settings Run the following to dump the failure reason on the foreground:
$ sudo hostapd -d /etc/hostapd/hostapd.conf random: Trying to read entropy from /dev/random Configuration file: /etc/hostapd/hostapd.conf ... Failed to create interface mon.wlan0: -95 (Operation not supported) ... wlan0: AP-ENABLED ... wlan0: STA 04:0c:ce:d4:c0:14 WPA: pairwise key handshake completed (RSN) wlan0: WPA rekeying GTK WPA: group state machine entering state SETKEYS (VLAN-ID 0) GTK - hexdump(len=16): [REMOVED] WPA: 04:0c:ce:d4:c0:14 WPA_PTK_GROUP entering state REKEYNEGOTIATING wlan0: STA 04:0c:ce:d4:c0:14 WPA: sending 1/2 msg of Group Key Handshake WPA: Send EAPOL(version=2 secure=1 mic=1 ack=1 install=0 pairwise=0 kde_len=24 keyidx=2 encr=1) WPA: Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 05 Plaintext EAPOL-Key Key Data - hexdump(len=32): [REMOVED] WPA: Use EAPOL-Key timeout of 500 ms (retry counter 1) wpa_group_setkeys: GKeyDoneStations=1 wlan0: Event EAPOL_RX (24) received IEEE 802.1X: 99 bytes from 04:0c:ce:d4:c0:14 IEEE 802.1X: version=1 type=3 length=95 WPA: Received EAPOL-Key from 04:0c:ce:d4:c0:14 key_info=0x302 type=2 key_data_length=0 WPA: Received Key Nonce - hexdump(len=32): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 WPA: Received Replay Counter - hexdump(len=8): 00 00 00 00 00 00 00 05 wlan0: STA 04:0c:ce:d4:c0:14 WPA: received EAPOL-Key frame (2/2 Group) WPA: 04:0c:ce:d4:c0:14 WPA_PTK_GROUP entering state REKEYESTABLISHED wlan0: STA 04:0c:ce:d4:c0:14 WPA: group key handshake completed (RSN) WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0) ...The following settings may cause failures:
- country_code=
- ht_capab=
- auth_algs=
- DHCP Some STAs will disconnect if the DHCP IP is not assigned then associated again.
iw reg get
Using the Raspberry Pi as an access point to share an internet connection (bridge)
One common use of the Raspberry Pi as an access point is to provide wireless connections to a wired Ethernet connection, so that anyone logged into the access point can access the internet. To do this, a 'bridge' needs to put in place between the wireless device and the Ethernet device on the access point Raspberry Pi.Install the utilities
sudo apt install hostapd bridge-utils
iw
iw is a new nl80211 based CLI configuration utility for wireless devices. It supports all new drivers that have been added to the kernel recently. The old tool iwconfig, which uses Wireless Extensions interface, is deprecated and it's strongly recommended to switch to iw and nl80211.- iw help
- iw list List device capabilities
- iw dev wlan0 scan Scanning
- iw event Listening to events:
- iw event -f to see the auth/assoc/deauth/disassoc frames
- iw event -t timing information
- iw dev wlan0 link Getting link status
- iw dev wlan0 station dump Getting station statistics
- sudo iw dev wlan1 station get (peer-MAC-address) to get specific statistics against a peer you station is communicating with
hostapd
hostapd is a user space daemon for access point and authentication servers. It implements :- IEEE 802.11 access point management
- IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server
- RADIUS authentication server
留言