Pages

Sunday, 20 October 2024

树莓派3创建WIFI无线热点

 

背景

3月初发布的树莓派3自带了WiFi和蓝牙,再加上它本来就有一个网口,因此俨然就是一台无线路由器了。我也忍不住入手了一个,打算用来做路由器和NAS。树莓派做路由器的教程已经有很多了,当然,基本都是基于树莓派2的,3之前的版本都没有自带WiFi,因此需要自己配无线网卡,而3自带了无线网卡,配置就方便多了。参考了两篇外文教程,成功配置,在这里记录一下。

参考教程:

using your raspberry pi3 as a wifi access point with hostapd/

 
rPi3-ap-setup.sh

过程

主要用到的软件有hostapd、dnsmasq:

安装 hostapd, dnsmasq

sudo apt-get install hostapd dnsmasq

修改 dnsmasq 配置文件

然后在/etc/dnsmasq.conf末加入(自己修改IP和网段,这个文件是已存在的,很详细的配置文件,但是所有行都加入了#号注释掉)

interface=wlan0
dhcp-range=10.0.0.2,10.0.0.5,255.255.255.0,12h

配置 hostapd

然后新建/etc/hostapd/hostapd.conf,加入

interface=wlan0
hw_mode=g
channel=10
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP
wpa_passphrase=wifi密码
ssid=wifi名字

允许转发

接着修改/etc/sysctl.conf,更改(如果有这一行,把#号去掉就行)

net.ipv4.ip_forward=1

配置开机启动

最后,将下面脚本加入到/etc/rc.localexit 0前:

ifconfig wlan0 down
ifconfig wlan0 10.0.0.1 netmask 255.255.255.0 up
iwconfig wlan0 power off
service dnsmasq restart
hostapd -B /etc/hostapd/hostapd.conf & > /dev/null 2>&1
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

重启

重启,就可以看到热点了,简单好多~树莓派的wifi信号强度跟当初著名的路由玩具wr703n差不多。

跳坑与填坑

顺便还配置了离线下载、NAS、自动云同步什么的。由于对linux不熟悉,跳了好多坑。要提醒大家,树莓派上很多命令都需要sudo开头,而树莓派的sudo并不需要密码。但是有sudo和没sudo完全是两个环境(两个用户),比如sudo screen -S sync后,在screen -ls是看不到的,必须要sudo screen -ls才能看到。另外,如果你把命令加入/etc/rc.local中运行,默认它是sudo执行的(不管你有没有加sudo),结果我将一个screen任务加入到了这里,启动后用screen -ls死活看不到,原来要sudo screen -ls,我晕…还有,我运行autossh进行内网穿透,autossh之前一定要加个sleep 5的命令,要不然autossh运行了也没用~~

这些都是跳了一整天的坑啊。

原文:用树莓派3做无线路由器

------------------------------------------

Using your new Raspberry Pi 3 as a WiFi access point with hostapd

There's a new Raspberry Pi. This is exciting. It also has on-board WiFi. This makes it doubly exciting!

One of my first thoughts was, can I use it as a SoftAP for some ESP8266 sensor nodes? As it turns out, you can, and it's not that difficult, as the BCM43438 chip is supported by the open-source brcmfmac driver!

Packages

The first step is to install the required packages: sudo apt-get install dnsmasq hostapd

I'll go into a little detail about the two:

  • hostapd - This is the package that allows you to use the built in WiFi as an access point
  • dnsmasq - This is a combined DHCP and DNS server that's very easy to configure

If you want something a little more 'heavyweight', you can use the isc-dhcp-server and bind9 packages for DHCP and DNS respectively, but for our purposes, dnsmasq works just fine.

Configure your interfaces

The first thing you'll need to do is to configure your wlan0 interface with a static IP.

If you're connected to the Pi via WiFi, connect via ethernet/serial/keyboard first.

In newer Raspian versions, interface configuration is handled by dhcpcd by default. We need to tell it to ignore wlan0, as we will be configuring it with a static IP address elsewhere. So open up the dhcpcd configuration file with sudo nano /etc/dhcpcd.conf and add the following line to the bottom of the file:

denyinterfaces wlan0  

Note: This must be ABOVE any interface lines you may have added!

Now we need to configure our static IP. To do this open up the interface configuration file with sudo nano /etc/network/interfaces and edit the wlan0 section so that it looks like this:

allow-hotplug wlan0  
iface wlan0 inet static  
    address 172.24.1.1
    netmask 255.255.255.0
    network 172.24.1.0
    broadcast 172.24.1.255
#    wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Restart dhcpcd with sudo service dhcpcd restart and then reload the configuration for wlan0 with sudo ifdown wlan0; sudo ifup wlan0.

Configure hostapd

Next, we need to configure hostapd. Create a new configuration file with sudo nano /etc/hostapd/hostapd.conf with the following contents:

# This is the name of the WiFi interface we configured above
interface=wlan0

# Use the nl80211 driver with the brcmfmac driver
driver=nl80211

# This is the name of the network
ssid=Pi3-AP

# Use the 2.4GHz band
hw_mode=g

# Use channel 6
channel=6

# Enable 802.11n
ieee80211n=1

# Enable WMM
wmm_enabled=1

# Enable 40MHz channels with 20ns guard interval
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]

# Accept all MAC addresses
macaddr_acl=0

# Use WPA authentication
auth_algs=1

# Require clients to know the network name
ignore_broadcast_ssid=0

# Use WPA2
wpa=2

# Use a pre-shared key
wpa_key_mgmt=WPA-PSK

# The network passphrase
wpa_passphrase=raspberry

# Use AES, instead of TKIP
rsn_pairwise=CCMP

We can check if it's working at this stage by running sudo /usr/sbin/hostapd /etc/hostapd/hostapd.conf. If it's all gone well thus far, you should be able to see to the network Pi3-AP! If you try connecting to it, you will see some output from the Pi, but you won't receive and IP address until we set up dnsmasq in the next step. Use Ctrl+C to stop it.

We aren't quite done yet, because we also need to tell hostapd where to look for the config file when it starts up on boot. Open up the default configuration file with sudo nano /etc/default/hostapd and find the line #DAEMON_CONF="" and replace it with DAEMON_CONF="/etc/hostapd/hostapd.conf".

Configure dnsmasq

The shipped dnsmasq config file contains a wealth of information on how to use it, but the majority of it is largely redundant for our purposes. I'd advise moving it (rather than deleting it), and creating a new one with

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig  
sudo nano /etc/dnsmasq.conf  

Paste the following into the new file:

interface=wlan0      # Use interface wlan0  
listen-address=172.24.1.1 # Explicitly specify the address to listen on  
bind-interfaces      # Bind to the interface to make sure we aren't sending things elsewhere  
server=8.8.8.8       # Forward DNS requests to Google DNS  
domain-needed        # Don't forward short names  
bogus-priv           # Never forward addresses in the non-routed address spaces.  
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time  

Set up IPv4 forwarding

One of the last things that we need to do before we send traffic anywhere is to enable packet forwarding.

To do this, open up the sysctl.conf file with sudo nano /etc/sysctl.conf, and remove the # from the beginning of the line containing net.ipv4.ip_forward=1. This will enable it on the next reboot, but because we are impatient, activate it immediately with :
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

We also need to share our Pi's internet connection to our devices connected over WiFi by the configuring a NAT between our wlan0 interface and our eth0 interface. We can do this using the following commands:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE  
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT  
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT  

However, we need these rules to be applied every time we reboot the Pi, so run sudo sh -c "iptables-save > /etc/iptables.ipv4.nat" to save the rules to the file /etc/iptables.ipv4.nat. Now we need to run this after each reboot, so open the rc.local file with sudo nano /etc/rc.local and just above the line exit 0, add the following line:

iptables-restore < /etc/iptables.ipv4.nat  

We're almost there!

Now we just need to start our services:

sudo service hostapd start  
sudo service dnsmasq start  

And that's it! You should now be able to connect to the internet through your Pi, via the on-board WiFi!

To double check we have got everything configured correctly, reboot with sudo reboot.

EDIT: Thanks to Justin for helping iron out some of the errors in this post!

EDIT2: Thanks to Ashok for several performance related enhancements!

EDIT3: Thanks to Lasse for some amendments to the dnsmasq configuration!

EDIT4: Fixed race condition between dhcpcd and dnsmasq, wlan0 is no longer configured by dhcpcd

from  https://web.archive.org/web/20171125120209/https://frillip.com/using-your-raspberry-pi-3-as-a-wifi-access-point-with-hostapd/

 

No comments:

Post a Comment