Original link:
https://frillip.com/using-your-raspberry-pi-3-as-a-wifi-access-point-with-hostapd/
Disclaimer: This article is for communication purposes only, copyright belongs to the original author!This article is contributed by the embedded Linux Chinese siteVolunteer Qian Nian Ren Yu translation submission, thanks to the volunteers for their hard work, let us contribute to create the most professional embedded Linux Chinese community, hope more friends join the embedded Linux Chinese site volunteer team.
This is a new Raspberry Pi, so amazing. It also has built-in WIFI, which is a double surprise! My first thought is, can I use it as a softAP? This idea came up, and it wasn’t that difficult, because the BCM43438 chip has an open-source brcmfmac driver.
Resource Packages
First, we need to install two resource packages: dnsmasq and hostapd; run the command: sudo apt-get install dnsmasq and hostapd; the roles of these two packages are:
· Hostapd – This package allows the Raspberry Pi 3‘s built-in WIFI to act as an access point (AP)
· Dnsmasq – This makes configuring DHCP and DNS services easier
If you need a bit more functionality, you can use the isc-dhcp-server and bind9 resource packages to configure DHCP and DNS respectively, but for our current needs, dnsmasq is sufficient.
Configure Network Card
First, you need to set a static IP for your wlan0 network card. In the latest version of Raspberry Pi, the network card is already handled by dhcpcd by default. We can ignore it for now because we are going to assign a static IP to it. Now please open the dhcpcd configuration file: sudo vim /etc/dhcpcd.conf and add the following content at the end of the file
denyinterfaces wlan0
Note: This must be ABOVE any interface lines you may have added!
Now we need to configure our static IP. Please open the interface configuration file: sudo vim /etc/network/interfaces and edit the wlan0 section, it should look like this:
allow-hotplug wlan0
iface wlan0 inet static
address 172.24.1.1
netmask 255.255.255.0
network 172.24.1.0
broadcast 172.24.1.255
# wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Then sudo service dhcpcd restart to restart the dhcpcd service, sudo ifdown wlan0; sudo ifup wlan0 to restart the network card
ConfigureHOSTAPD
Next, we need to configure hostapd. Create a new configuration file vim /etc/hostapd/hostapd.conf, and add the following content:
# This is the name of the WiFi interface we configured above
interface=wlan0
# Use the nl80211 driver with the brcmfmac driver
driver=nl80211
# This is the name of the network
ssid=Pi3-AP
# Use the 2.4GHz band
hw_mode=g
# Use channel 6
channel=6
# Enable 802.11n
ieee80211n=1
# Enable WMM
wmm_enabled=1
# Enable 40MHz channels with 20ns guard interval
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
# Accept all MAC addresses
macaddr_acl=0
# Use WPA authentication
auth_algs=1
# Require clients to know the network name
ignore_broadcast_ssid=0
# Use WPA2
wpa=2
# Use a pre-shared key
wpa_key_mgmt=WPA-PSK
# The network passphrase
wpa_passphrase=raspberry
# Use AES, instead of TKIP
rsn_pairwise=CCMP
At this point, we need to confirm if hostapd can work, execute sudo /usr/sbin/hostapd and /etc/hostapd/hostapd.conf. If everything goes smoothly, you should be able to see a WiFi network named Pi3-AP. If you try to connect to it at this time, you will see something being printed on your PI, but you will not be able to get an IP address, you still need to set up the dnsmasq file in the next step. Ctrl+C to close it.
We are not done yet, because we need to tell hostapd where to find the configuration file when it starts. Open the default configuration file vim /etc/default/hostapd and find#DAEMON_CONF=”” and replace it with thisDAEMON_CONF=”/etc/hostapd/hostapd.conf”
ConfigureDNSMASQ
The original dnsmasq configuration file contains some rich information, but it’s too much for us, we don’t need it. It is recommended to remove it (note: not delete), we create a new one to replace it.
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo nano /etc/dnsmasq.conf
Copy and paste the following content into the new file:
interface=wlan0 # Use interface wlan0
listen-address=172.24.1.1 # Explicitly specify the address to listen on
bind-interfaces # Bind to the interface to make sure we aren’t sending things elsewhere
server=8.8.8.8 # Forward DNS requests to Google DNS
domain-needed # Don’t forward short names
bogus-priv # Never forward addresses in the non-routed address spaces.
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time
Set upIPV4 forwarding
Before we can successfully forward our packets, we need to do one last thing. Open the sysctl.conf file vim /etc/sysctl.conf and remove the # from the beginning of the line containing net.ipv4.ip_forward=1. This will take effect on the next reboot, if you are impatient, you can activate it immediately like this:sudo sh -c “echo 1 > /proc/sys/net/ipv4/ip_forward”
We need to share the PI‘s WIFI connection by configuring NAT between wlan0 and eth0. Use the command below.
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
However, we need these rules to apply to my Pi every time the machine is rebooted, so runsudo sh -c “iptables-save > /etc/iptables.ipv4.nat” to save these rules in /etc/iptables.ipv4.nat file. Now we need to enable these rules every time the machine reboots, so we also need to configure this file vim /etc/rc.local and add the following content above the line exit 0:
iptables-restore < /etc/iptables.ipv4.nat
Almost successful!
Now we just need to restart our services:
sudo service hostapd start
sudo service dnsmasq start
That’s it! You should be able to connect to the Internet through your PI‘s WIFI!
Restart again to confirm if our configuration is correct!
EDIT: Thanks to Justin for helping iron out some of the errors in this post!
EDIT2: Thanks to Ashok for several performance related enhancements!
EDIT3: Thanks to Lasse for some amendments to the dnsmasq configuration!
EDIT4: Fixed race condition between dhcpcd and dnsmasq, wlan0 is no longer configured by dhcpcd.
PHIL MARTIN
