WiFiAP on PI

From Coolscript
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

This is a short setup description of how you could run a WiFi Access Point on a Raspberry.

  • Requirements
    • Raspberry PI Modell B
    • 5V/1A Power Unit
    • Logilink WLAN USB 2.0 Nano Adapter 150Mbps
    • Debian Wheezy
  • Kernel Info:
root@raspberrypi:~# uname -a
Linux raspberrypi 3.6.11+ #474 PREEMPT Thu Jun 13 17:14:42 BST 2013 armv6l  GNU/Linux
  • Wireless Adapter
root@raspberrypi:~# lsusb
Bus 001 Device 004: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
  • Install additional packages required for hostap:
apt-get install hostapd wireless-tools dnsmasq iw bridge-utils

Sample WiFi Bridge

  • /etc/network/interfaces
auto lo
iface lo inet loopback
allow-hotplug eth01
iface eth0 inet static
 address   192.168.2.26
 broadcast 192.168.2.255
 netmask   255.255.255.0
 gateway   192.168.2.1
 dns-nameservers 192.168.2.1
 # default route to access subnet
 up route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 eth0
# WLAN Interface
allow-hotplug wlan0
iface wlan0 inet manual
#Bridging 
auto br0
iface br0 inet static
 address   192.168.2.120
 broadcast 192.168.2.255
 netmask   255.255.255.0
 gateway   192.168.2.1
 dns-nameservers 192.168.2.1
 bridge_ports eth0 wlan0
 bridge_fd 0
 bridge_stp no

Interfaces after the first reboot

root@raspberrypi:~# ifconfig
br0       Link encap:Ethernet  HWaddr b8:27:eb:c5:09:fa
         inet addr:192.168.2.120  Bcast:192.168.2.255  Mask:255.255.255.0
         inet6 addr: fe80::ba27:ebff:fec5:9fa/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:86 errors:0 dropped:0 overruns:0 frame:0
         TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:7597 (7.4 KiB)  TX bytes:9633 (9.4 KiB)

eth0      Link encap:Ethernet  HWaddr b8:27:eb:c5:09:fa
         inet addr:192.168.2.26  Bcast:192.168.2.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:94 errors:0 dropped:0 overruns:0 frame:0
         TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:11413 (11.1 KiB)  TX bytes:10525 (10.2 KiB)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 7c:dd:90:30:ba:ef
         UP BROADCAST MULTICAST  MTU:1500  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


Hostapd Config

  • /etc/hostapd/hostapd.conf
ctrl_interface=/var/run/hostapd
###############################
# Basic Config
###############################
macaddr_acl=0
auth_algs=1
# Most modern wireless drivers in the kernel need driver=nl80211
driver=nl80211
##########################
# Local configuration...
##########################
interface=wlan0
bridge=br0
hw_mode=g
channel=1
ssid=MySID
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=something-secret
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP


Test Run - Bridged

hostapd -dd /etc/hostapd/hostapd.conf


Ifconfig after hostapd

root@raspberrypi:~# ifconfig
br0       Link encap:Ethernet  HWaddr 7c:dd:90:30:ba:ef
         inet addr:192.168.2.120  Bcast:192.168.2.255  Mask:255.255.255.0
         inet6 addr: fe80::ba27:ebff:fec5:9fa/64 Scope:Link
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:407 errors:0 dropped:0 overruns:0 frame:0
         TX packets:482 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:26003 (25.3 KiB)  TX bytes:70678 (69.0 KiB)

eth0      Link encap:Ethernet  HWaddr b8:27:eb:c5:09:fa
         inet addr:192.168.2.26  Bcast:192.168.2.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:475 errors:0 dropped:0 overruns:0 frame:0
         TX packets:547 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:51638 (50.4 KiB)  TX bytes:86266 (84.2 KiB)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         inet6 addr: ::1/128 Scope:Host
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

mon.wlan0 Link encap:UNSPEC  HWaddr 7C-DD-90-30-BA-EF-00-00-00-00-00-00-00-00-00-00
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:71 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:23342 (22.7 KiB)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 7c:dd:90:30:ba:ef
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:66 errors:0 dropped:0 overruns:0 frame:0
         TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:9608 (9.3 KiB)  TX bytes:11361 (11.0 KiB)




Sample WiFi Access Point

  • /etc/network/interfaces
auto lo
iface lo inet loopback
allow-hotplug eth01
iface eth0 inet static
 address   192.168.2.26
 broadcast 192.168.2.255
 netmask   255.255.255.0
 gateway   192.168.2.1
 dns-nameservers 192.168.2.1
 # default route to access subnet
 up route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1 eth0
# WLAN Interface / AP-Adressraum
allow-hotplug wlan0
iface wlan0 inet static
 address 192.168.0.1
 netmask 255.255.255.0
 broadcast 192.168.0.255

Interfaces after first reboot

eth0      Link encap:Ethernet  HWaddr b8:27:eb:c5:09:fa
         inet addr:192.168.2.26  Bcast:192.168.2.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:566 errors:0 dropped:0 overruns:0 frame:0
         TX packets:651 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:35754 (34.9 KiB)  TX bytes:98412 (96.1 KiB)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 7c:dd:90:30:ba:ef
         inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:227 errors:0 dropped:0 overruns:0 frame:0
         TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:19953 (19.4 KiB)  TX bytes:8509 (8.3 KiB)




DNSMASQ

  • /etc/dnsmasq.conf
interface=wlan0
no-dhcp-interface=eth0
dhcp-range=interface:wlan0,192.168.0.210,192.168.0.220,infinite


HOSTAPD

  • /etc/hostapd/hostapd.conf
ctrl_interface=/var/run/hostapd
###############################
# Basic Config
###############################
macaddr_acl=0
auth_algs=1
# Most modern wireless drivers in the kernel need driver=nl80211
driver=nl80211
##########################
# Local configuration...
##########################
interface=wlan0
#debugging
debug=4 
hw_mode=g
channel=1
ssid=MySID
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=something
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
logger_syslog=1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2

Ifconfig after hostapd

root@raspberrypi:~# ifconfig
eth0      Link encap:Ethernet  HWaddr b8:27:eb:c5:09:fa
         inet addr:192.168.2.26  Bcast:192.168.2.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:566 errors:0 dropped:0 overruns:0 frame:0
         TX packets:651 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:35754 (34.9 KiB)  TX bytes:98412 (96.1 KiB)

lo        Link encap:Local Loopback
         inet addr:127.0.0.1  Mask:255.0.0.0
         UP LOOPBACK RUNNING  MTU:16436  Metric:1
         RX packets:0 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:0
         RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

mon.wlan0 Link encap:UNSPEC  HWaddr 7C-DD-90-30-BA-EF-00-00-00-00-00-00-00-00-00-00
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:172 errors:0 dropped:0 overruns:0 frame:0
         TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:57617 (56.2 KiB)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 7c:dd:90:30:ba:ef
         inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
         RX packets:227 errors:0 dropped:0 overruns:0 frame:0
         TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
         collisions:0 txqueuelen:1000
         RX bytes:19953 (19.4 KiB)  TX bytes:8509 (8.3 KiB)


Success Log

#Successfull connect / syslog
Sep  6 21:44:17 raspberrypi hostapd: wlan0: STA 70:d4:f2:31:75:c4 IEEE 802.11:  associated (aid 1)
Sep  6 21:44:17 raspberrypi hostapd: wlan0: STA 70:d4:f2:31:75:c4 RADIUS:    starting accounting session 540B8020-00000000
Sep  6 21:44:17 raspberrypi hostapd: wlan0: STA 70:d4:f2:31:75:c4 WPA: pairwise key handshake completed (RSN)
Sep  6 21:44:17 raspberrypi dnsmasq-dhcp[2072]: DHCPDISCOVER(wlan0) 70:d4:f2:31:75:c4
Sep  6 21:44:17 raspberrypi dnsmasq-dhcp[2072]: DHCPOFFER(wlan0) 192.168.0.214 70:d4:f2:31:75:c4
Sep  6 21:44:18 raspberrypi dnsmasq-dhcp[2072]: DHCPDISCOVER(wlan0) 70:d4:f2:31:75:c4
Sep  6 21:44:18 raspberrypi dnsmasq-dhcp[2072]: DHCPOFFER(wlan0) 192.168.0.214 70:d4:f2:31:75:c4
Sep  6 21:44:19 raspberrypi dnsmasq-dhcp[2072]: DHCPREQUEST(wlan0) 192.168.0.214 70:d4:f2:31:75:c4
Sep  6 21:44:19 raspberrypi dnsmasq-dhcp[2072]: DHCPACK(wlan0) 192.168.0.214 70:d4:f2:31:75:c4 PLAYBOOK-99EE

Optional Firewall Init

#!/bin/bash
#Extreme easy
#Switch on routing
echo "1" > /proc/sys/net/ipv4/ip_forward
#Set log level
echo "1 4 1 7" > /proc/sys/kernel/printk
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -X
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#iptables -N my_drop -m comment --comment "Drop Access"
#iptables -A my_drop -p ICMP -j LOG --log-prefix "DROP-ICMP "
#iptables -A my_drop -p TCP -j LOG --log-prefix "DROP-TCP "
#iptables -A my_drop -p UDP -j LOG --log-prefix "DROP-UDP "
#iptables -A my_drop -j DROP
#iptables -A INPUT -j my_drop
#iptables -A FORWARD -j my_drop


HW Test

# iw list

# iwlist scan wlan0



# iw dev wlan0 scan | grep SID


Syslog/Debug

  • /etc/rsyslog.conf
!hostapd
*.*                                             /var/log/hostapd.log
  • /etc/hostap/hostap.conf
#debug   Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
            4 = excessive.


Interface gone when hostapd stops

*Add  /etc/init.d/hostapd
ifconfig wlan0 192.168.0.1



Monitoring

Get aircrack-ng 

wget http://download.aircrack-ng.org/aircrack-ng-1.2-beta3.tar.gz
apt-get install iw sysfsutils libssl-dev kismet libnl-3-dev libnl-3-doc libnl- genl-3-dev tshark
cd aircrack-ng-1.2-beta3/
make
make install


  • 1: Start Airmon Monitor
airmon-ng start wlan0
  • 2: Check with aerodump
airodump-ng mon0
  • 3:Packet dump:
airodump-ng --bssid  74:31:70:B4:1A:D4 --channel 2 --write meatball mon0
    • then (testing)

aireplay-ng -0 3 -a 74:31:70:B4:1A:D4 -c C4:88:E5:B5:1F:79 mon0

  • Open Airbase to the world

airbase-ng -e NEWWORLD -c 1 -P mon0


  • Redirecting to syslso!
/usr/local/sbin/airbase-ng -e NEWWORLD -c 1 -P mon0 2>&1 | /usr/bin/logger &

Links




Sample INIT Script for airbase-ng

#!/bin/bash
CMD="$1"
ssid="NEWWORLD"
channel="1"
interface="mon0"
name="airbase-ng"
command="/usr/local/sbin/"$name
#Get Monitor by ifconfig
monif=`/sbin/ifconfig | /bin/grep $interface | /bin/sed -e 's/^  *//' -e 's/  .*//'`
#GET PID IF PRESENT
pid=`/bin/pidof $name`
##################
#Start Init Script
##################
#Check for root privileges
if (( EUID != 0 )); then
 echo "This script needs root"
 exit 1
fi
case "$CMD" in
'start')
 if [ "${interface}" != "$monif" ]
 then
  echo "Create monitor interface first"
  airmon=`/usr/local/sbin/airmon-ng start wlan0`
 else
  echo "Interface present = OK"
 fi
#BETA TEST
redir="2>&1"
logger="/usr/bin/logger"
if [ "${pid}" != "" ]
then
  echo "Already running $name "
else
 echo "Starting $name "
 start-stop-daemon --start --oknodo --background --exec $command \
      -- -e $ssid -c $channel -P $interface $redir | $logger
fi
;;
'stop')
if [ "${interface}" == "${monif}" ]
then
 echo "Stop monitor interface first"
 airmon=`/usr/local/sbin/airmon-ng stop wlan0`
 airmon=`/usr/local/sbin/airmon-ng stop mon0`
else
 echo "No interface present = OK"
fi
if [ "${pid}" != "" ]
then
  `/bin/kill ${pid} `
else
 echo "$name does not run anymore"
fi
      # stop the daemons
       ;;
*)
       echo "Usage: $INITNAME { start }"
       ;;
esac
echo " "
Retrieved from "https://coolscript.org/index.php?title=WiFiAP_on_PI&oldid=914"