I’ve finally gotten sick of having a terrible wireless signal in my room, and I have a server in my office (hard wired via gigabit) so I figured I’d set it up as a wireless access point. There’s a lot of information in various places on how to set everything up, so I figured I’d try to wrangle everything in 1 spot.
Install the card.
I used a TP-Link WDN4800. Sadly I don’t have a list of all the compatible wireless cards, but it seems that having something based on the
Atheros chipset is a good thing.
sudo lshw | less and look for your new card. If you have a build in wireless device, you’ll most likely want the one marked
wlan1, otherwise it will probably be
wlan0. For the rest of this post I’ll assume you’re using wlan1 as a lot of machines come with a build in wireless device at wlan0.
Check to make sure you’re using the right drivers. You’ll want to see mac80211 in there.
> lspci -k | grep -A 3 -i network 04:00.0 Network controller: Atheros Communications Inc. AR9300 Wireless LAN adaptor (rev 01) Subsystem: Atheros Communications Inc. Device 3112 Kernel driver in use: ath9k <----- this is what you want to see > modinfo ath9k | grep 'depend' depends: ath9k_hw,ath9k_common,mac80211,ath,cfg80211 <--- make sure mac80211 is in here
Check that your wireless device is up via
ifconfig wlan1 up. If it can’t come up, check
rfkill list all.
> rfkill list all 0: phy0: Wireless LAN Soft blocked: yes Hard blocked: no 1: phy1: Wireless LAN Soft blocked: yes Hard blocked: no
If you see that your device is soft blocked, you can use
rfkill unblock wifi, then
ifconfig wlan1 up to bring it up. You should see this now:
> rfkill list all 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no 1: phy1: Wireless LAN Soft blocked: no Hard blocked: no
apt-get install hostapd
Configure your wireless. You’ll want to edit
/etc/hostapd/hostapd.conf. Here’s what mine looks like, set to be wide open to the world. You’ll want to lock this down after we get it up and running. Chuck the card in one of your PCI slots, and boot the machine back up.
interface=wlan1 driver=nl80211 ssid=batcave hw_mode=g channel=6 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0
There’s plenty of details in this post, so I won’t rehash the entire post.
Set up your DNS server
As of Ubuntu 12.04, the network manager runs dnsmasq, you’ll need to disable it if you want to run your own. Open
vim /etc/NetworkManager/NetworkManager.conf and comment out the line
dns=dnsmasq. Read Stéphane Graber’s blog post on this if you want to learn more.
Install dnsmasq with
apt-get install dnsmasq. Edit the end of your
# disables dnsmasq reading any other files like /etc/resolv.conf for nameservers no-resolv interface=wlan1 # Specify starting_range,end_range,lease_time dhcp-range=10.0.0.3,10.0.0.20,12h # dns addresses to send to the clients server=184.108.40.206 server=220.127.116.11
We’ll need to configure our wireless device to be able to use our hostapd and our dnsmasq.
Set your iptables rules
ifconfig wlan1 up 10.0.0.1 netmask 255.255.255.0 iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables --table nat --append POSTROUTING --out-interface eth2 -j MASQUERADE ## <--- change eth2 to whatever your wired connection is iptables --append FORWARD --in-interface wlan1 -j ACCEPT #Thanks to lorenzo #Uncomment the line below if facing problems while sharing PPPoE, see lorenzo's comment for more details #iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu sysctl -w net.ipv4.ip_forward=1 service hostapd start service dnsmasq start
You should now be able to connect to your wireless network. Save your iptables rules with
iptables-save > /etc/iptables.rules.
Read the full post about using dnsmasq here.
Enable Wireless N and a WPA password
At this point, your network is wide open, which probably sucks. I’ve updated my
/etc/hostapd/hostapd.conf to now include wireless N support and a passphrase.
interface=wlan1 driver=nl80211 ssid=batcave hw_mode=g channel=6 ignore_broadcast_ssid=0 # wireless N ieee80211n=1 wmm_enabled=1 country_code=US ieee80211d=1 auth_algs=3 wpa=3 wpa_passphrase=yourpasswordhere wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP macaddr_acl=0
Restart hostapd with
service hostapd restart and you should be good to go.