{"id":574,"date":"2024-09-24T16:31:34","date_gmt":"2024-09-24T14:31:34","guid":{"rendered":"https:\/\/tomdus.de\/wp\/?p=574"},"modified":"2024-09-24T16:31:34","modified_gmt":"2024-09-24T14:31:34","slug":"wlan-access-point-apn","status":"publish","type":"post","link":"https:\/\/tomdus.de\/wp\/wlan-access-point-apn\/","title":{"rendered":"WLAN Access Point APN"},"content":{"rendered":"

Erstellen des WLAN Access Point APN mit USB<\/h1>\n

Linux: Debian 12.7 (cat \/etc\/debian_version)<\/p>\n

Liste den USB WLAN Stick<\/p>\n

root@hpt:\/home\/tomas# lsusb\r\n...\r\nBus 002 Device 003: ID 8087:0aa7 Intel Corp. Wireless-AC 3168 Bluetooth\r\n...\r\n<\/pre>\n
Install Intel Firmware, da der USB Stick „Intel Corp. Wireless-AC 3168 Bluetooth“<\/p>\n
\n
apt install firmware-iwlwifi iw<\/code><\/pre>\n<\/div>\n
Ermittle den Namen des WLAN Interfaces – in diesem Fall wlp2s0<\/strong><\/p>\n
\n
root@hpt:\/home\/tomas# ll \/sys\/class\/net\/\r\nlrwxrwxrwx 1 root root 0 Sep 24 08:12 enp1s0 -> ..\/..\/devices\/pci0000:00\/0000:00:02.2\/0000:01:00.0\/net\/enp1s0\r\nlrwxrwxrwx 1 root root 0 Sep 24 08:12 lo -> ..\/..\/devices\/virtual\/net\/lo\r\nlrwxrwxrwx 1 root root 0 Sep 24 08:12 wlp2s0 -> ..\/..\/devices\/pci0000:00\/0000:00:02.3\/0000:02:00.0\/net\/wlp2s0<\/code><\/pre>\n<\/div>\n
hostapn – AccessPoint<\/strong><\/p>\n
Install hostapd<\/a> – betreibt den Accesspoint<\/p>\n
\n
apt install hostapd<\/code><\/pre>\n
Einstellungen in \/etc\/hostapd\/hostapd.conf<\/span><\/p>\n<\/div>\n
\n
### Wireless network name ###\r\ninterface=wlp2s0\r\ndriver=nl80211\r\nssid=tomastest\r\n# a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g\r\nhw_mode=g\r\nchannel=1\r\nwpa=2\r\nwpa_passphrase=test123456\r\n## Key management algorithms ##\r\nwpa_key_mgmt=WPA-PSK\r\n#\r\n## Set cipher suites (encryption algorithms) ##\r\n## TKIP = Temporal Key Integrity Protocol\r\n## CCMP = AES in Counter mode with CBC-MAC\r\nwpa_pairwise=TKIP\r\nrsn_pairwise=CCMP\r\n#\r\n## Shared Key Authentication ##\r\nauth_algs=1\r\n#\r\n## Accept all MAC address ###\r\nmacaddr_acl=0\r\n\r\n## Log-Einstellungen\r\n# \"-1\" = alle Module loggen, \"3\" z.B. loggt nur WPA\r\nlogger_syslog=-1\r\n# \"2\" = informative Meldungen, \"1\" = Debuggen, \"0\" = echt alles loggen\r\nlogger_syslog_level=2\r\n# wie oben, nur Ausgabe auf Konsole, wenn Programm nicht im Hintergrund l\u00e4uft\r\nlogger_stdout=-1\r\n# wie oben\r\nlogger_stdout_level=1<\/code>## L\u00e4ndercode # L\u00e4ndercode setzen country_code=DE # L\u00e4ndercode aktivieren, \"0\" = aus (default) ieee80211d=1<\/pre>\n
Starte hostapn als root um Verbindungen zu testen:<\/p>\n
root@hpt:\/home\/tomas# hostapd -d \/etc\/hostapd\/hostapd.conf\r\n...\r\nwlp2s0: STA 62:61:aa:63:5f:50 IEEE 802.11: authentication OK (open system)\r\nwlp2s0: STA 62:61:aa:63:5f:50 MLME: MLME-AUTHENTICATE.indication(62:61:aa:63:5f:50, OPEN_SYSTEM)\r\nwlp2s0: STA 62:61:aa:63:5f:50 MLME: MLME-DELETEKEYS.request(62:61:aa:63:5f:50)\r\n...\r\nwlp2s0: STA 62:61:aa:63:5f:50 WPA: pairwise key handshake completed (RSN)\r\nwlp2s0: EAPOL-4WAY-HS-COMPLETED 62:61:aa:63:5f:50<\/code><\/pre>\n<\/div>\n
Die Verbindung zu einem APN wurde erfolgreich hergestellt. Der standard logging f\u00fcr hostapn wurde ist im \/var\/log\/syslog.<\/p>\n
Starte hostapn als system dienst: root@hpt:\/home\/tomas# systemctl enable --now hostapd.service<\/code><\/p>\n
Network Configuration<\/strong><\/p>\n
Der WLAN Adapter wlp2s0 muss eine feste IP Adresse haben in IP Bereich\u00a0 dass NICHT dem lokalen Netz zugeordnet ist. Dieser IP Bereich dient lediglich den APN. In diesem Fall 10.0.0.1<\/p>\n
\n
root@hpt:\/home\/tomas# cat \/etc\/network\/interfaces\r\n# This file describes the network interfaces available on your system\r\n# and how to activate them. For more information, see interfaces(5).\r\n\r\nsource \/etc\/network\/interfaces.d\/*\r\n\r\n# The loopback network interface\r\nauto lo\r\niface lo inet loopback\r\n\r\n# The primary network interface\r\nallow-hotplug enp1s0\r\niface enp1s0 inet dhcp\r\n\r\n# WLAN mit fester Adresse f\u00fcr hostapd\r\nauto wlp2s0\r\niface wlp2s0 inet static\r\naddress 10.0.0.1\r\nnetmask 255.255.255.0\r\nbroadcast 10.0.0.255<\/code><\/pre>\n<\/div>\n
Enable IPv4 Forwadinf in \/etc\/sysctl.conf<\/p>\n
\n
root@hpt:\/home\/tomas# cat \/etc\/sysctl.conf |grep ip_forward\r\n# Uncomment the next line to enable packet forwarding for IPv4\r\nnet.ipv4.ip_forward=1<\/code><\/pre>\n<\/div>\n
Definiere IP tables rules<\/p>\n
\n
iptables -A FORWARD -o enp1s0 -i wlp2s0 -s 192.168.0.0\/24 -m conntrack --ctstate NEW -j ACCEPT\r\niptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\r\niptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE\r\n<\/code><\/pre>\n<\/div>\n
Install persistence iptables rules apt install iptables-persistent<\/code> um diese \u00c4nderungen persistent zu machen<\/p>\n
\n
root@hpt:\/home\/tomas# cat \/etc\/iptables\/rules.v4\r\n# Generated by iptables-save v1.8.9 (nf_tables) on Sun Sep 22 13:42:43 2024\r\n*filter\r\n:INPUT ACCEPT [0:0]\r\n:FORWARD ACCEPT [0:0]\r\n:OUTPUT ACCEPT [0:0]\r\n-A FORWARD -s 192.168.0.0\/24 -i wlp2s0 -o enp1s0 -m conntrack --ctstate NEW -j ACCEPT\r\n-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\r\nCOMMIT\r\n# Completed on Sun Sep 22 13:42:43 2024\r\n# Generated by iptables-save v1.8.9 (nf_tables) on Sun Sep 22 13:42:43 2024\r\n*nat\r\n:PREROUTING ACCEPT [0:0]\r\n:INPUT ACCEPT [0:0]\r\n:OUTPUT ACCEPT [0:0]\r\n:POSTROUTING ACCEPT [0:0]\r\n-A POSTROUTING -o enp1s0 -j MASQUERADE\r\nCOMMIT\r\n# Completed on Sun Sep 22 13:42:43 2024\r\n<\/code><\/pre>\n
DNSMasq – DNS und DHCP Server<\/strong>
\nInstalliere lokalen DNS und DHCP Server: apt install dnsmasq<\/code><\/p>\n
Einstellungen in \/etc\/init.d\/dnsmasq.conf<\/p>\n
\n
server=192.168.178.1 # Forward alle DNS Anfrage zum vorhandenem DNS Server\r\ninterface=wlp2s0\r\nexcept-interface=lo,enp1s0\r\nbind-interfaces # Um Probleme mit dem Port 53 von systemd umzugehen\r\ndhcp-range=interface:wlp2s0,10.0.0.20,10.0.0.30,12h\r\n# Nur f\u00fcr debugging\r\nlog-queries\r\nlog-dhcp\r\n<\/code><\/pre>\n<\/div>\n
Starten den Dienst systemctl enable --now dnsmasq.service<\/code><\/p>\n
Ausgaben in \/var\/log\/syslog<\/p>\n
\n
2024-09-24T12:31:28.636273+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 available DHCP range: 10.0.0.20 -- 10.0.0.30\r\n2024-09-24T12:31:28.636520+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 vendor class: android-dhcp-14\r\n2024-09-24T12:31:28.636637+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 client provides name: Handy-von-Tomas\r\n2024-09-24T12:31:28.636752+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 DHCPREQUEST(wlp2s0) 10.0.0.24 62:61:aa:63:5f:50\r\n2024-09-24T12:31:28.636878+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 tags: interface:wlp2s0, wlp2s0\r\n2024-09-24T12:31:28.636995+02:00 hpt dnsmasq-dhcp[19201]: 3835516886 DHCPACK(wlp2s0) 10.0.0.24 62:61:aa:63:5f:50 Handy-von-Tomas\r\n...\r\n2024-09-24T12:31:28.744018+02:00 hpt dnsmasq[19201]: query[A] connectivitycheck.gstatic.com from 10.0.0.24\r\n2024-09-24T12:31:28.744232+02:00 hpt dnsmasq[19201]: forwarded connectivitycheck.gstatic.com to 192.168.178.1\r\n2024-09-24T12:31:28.759666+02:00 hpt dnsmasq[19201]: reply connectivitycheck.gstatic.com is 172.217.18.99<\/code><\/pre>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Erstellen des WLAN Access Point APN mit USB Linux: Debian 12.7 (cat \/etc\/debian_version) Liste den USB WLAN Stick root@hpt:\/home\/tomas# lsusb … Bus 002 Device 003: ID 8087:0aa7 Intel Corp. Wireless-AC 3168 Bluetooth … Install Intel Firmware, da der USB Stick „Intel Corp. Wireless-AC 3168 Bluetooth“ apt install firmware-iwlwifi iw Ermittle den Namen des WLAN Interfaces […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-574","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/posts\/574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/comments?post=574"}],"version-history":[{"count":15,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/posts\/574\/revisions"}],"predecessor-version":[{"id":589,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/posts\/574\/revisions\/589"}],"wp:attachment":[{"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/media?parent=574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/categories?post=574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tomdus.de\/wp\/wp-json\/wp\/v2\/tags?post=574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}