fl2440添加rt3070wifi模块--关于AP模式

实际上路由器主要是由有线网卡和无线网卡组成（当然内核也有份），我们将无线网卡rt3070和fl2440上的有线网卡ｄｍ９０００这个组合当做一个路由器，有线网卡作为ＷＡＮ口（连接广域网），无线网卡作为ＬＡＮ口（连接局域网）．

在这里，我将开发板和无线网卡制成的路由器当做二级路由，即连接到已有的路由器（一级路由）．

说明：这篇文章涉及到上篇文章的站点模式，制作ＡＰ的前提是加载了固件rt2870.bin; 移植了openssl，因为hostapd的移植需要用到相关库和头文件；busybox选取了DHCP服务等等.

1.内核配置：

[*] Networking support  --->  
Networking options  ---> 
[*] Network packet filtering framework (Netfilter)  ---> 
Core Netfilter Configuration  --->  //除了下面列出的其他全选
< > Transparent proxying support (EXPERIMENTAL)  
< >   set target and match support 
< >   CHECKSUM target support 
< >   "CT" target support
< >   "DSCP" and "TOS" target support
< >   "NOTRACK" target support
< >   "TCPOPTSTRIP" target support (EXPERIMENTAL)
< >   "dscp" and "tos" match support
< >   "ipvs" match support
<*>   IP set support  --->
(256) Maximum number of IP sets 
<*>   bitmap:ip set support
<*>   bitmap:ip,mac set support
<*>   bitmap:port set support 
<*>   list:set set support
<*>   IP virtual server support  ---> //除了下面列出的其他全选
[ ]   IP virtual server debugging
[ ]   SCTP load balancing support 
< >   FTP protocol helper 
< >   SIP persistence engine
IP: Netfilter Configuration  ---> //里面的全选
<*>   RF switch subsystem support  ---> 
//注意要选最后一项，不然在使用hostapd命令时会出错，“rfkill: Cannot open RFKILL control device”.

2.先移植libnl，因为hostapd移植需要用到它的库文件和头文件

wget https://coding.net/u/sfantree/p/self_use_OSS/git/raw/master/source/libnl-1.1.tar.gz
tar xzvf libnl-1.1
cd libnl-1.1
./configure CC=/opt/buildroot-2012.08/arm920t/usr/bin/arm-linux-gcc --prefix=/home/luminqi/fl2440/3rdparty/libnl --host=arm-linux
make
make install
将/home/luminqi/fl2440/3rdparty/libnl/lib/libnl.so.1.1移植到开发板/lib/

3.hostapd移植

wget https://coding.net/u/sfantree/p/self_use_OSS/git/raw/master/source/hostapd-1.0.tar.gz
tar xvzf hostapd-1.0.tar.gz
cd hostapd-1.0
cd hostapd/
cp defconfig .config
vim .config
添加如下： 

31 CC=/opt/buildroot-2012.08/arm920t/usr/bin/arm-linux-gcc
 32 
 33 CFLAGS += -I/home/luminqi/fl2440/3rdparty/openssl/include/
 34 LIBS += -L/home/luminqi/fl2440/3rdparty/openssl/lib
 35 LDFLAGS += -L/home/luminqi/fl2440/3rdparty/openssl/lib
 36 
 37 CFLAGS += -I/home/luminqi/fl2440/3rdparty/libnl/include
 38 LIBS += -L/home/luminqi/fl2440/3rdparty/libnl/lib
 39 LDFLAGS += -L/home/luminqi/fl2440/3rdparty/libnl/lib

make

[luminqi@localhost hostapd]$ file hostapd
hostapd: ELF 32-bit LSB executable, ARM, version 1 (SYSV), dynamically linked (uses shared libs), not stripped
[luminqi@localhost hostapd]$ readelf -d ./hostapd  //查看依赖关系
Dynamic section at offset 0x5b00c contains 24 entries:
  Tag        Type                         Name/Value
 0x00000001 (NEEDED)                     Shared library: [libnl.so.1]
 0x00000001 (NEEDED)                     Shared library: [libssl.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libc.so.0]
将hostapd-1.0/hostapd/hostapd移植到开发板/bin/，移植之后注意给权限．

4.开发板上开启热点

1）配置文件hostapd.conf

vi /etc/hostapd.conf

interface=wlan0 #开启AP的网卡
ssid=fl2440_wifi
driver=nl80211   #所需驱动
channel=3  #频段 中国大陆1-13可选
hw_mode=g
ignore_broadcast_ssid=0
wpa=3
auth_algs=1
wpa_key_mgmt=WPA-PSK
wpa_passphrase=12345678
wpa_pairwise=TKIP
rsn_pairwise=CCMP

>: ifconfig wlan0 up   //启动无线网卡

>: mv /dev/random /dev/random.bak  //解决随机数错误问题，采用符号链接的方法
>: ln -s /dev/urandom /dev/random
>: hostapd -B /etc/hostapd.conf　　//守护进程启动，开启热点
hostapd: can't load library 'libnl.so.1'  //出现错误，重命名库文件即可
>: cd /lib
>: mv libnl.so.1.1 libnl.so.1

>: hostapd -B /etc/hostapd.conf       
Configuration file: /etc/hostapd.conf
rfkill: Cannot open RFKILL control device
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 0 - CWmin: 3, CWmax: 4, Aifs: 2, TXop: 102.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 1 - CWmin: 4, CWmax: 5, Aifs: 2, TXop: 188.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 2 - CWmin: 5, CWmax: 10, Aifs: 3, TXop: 0.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 3 - CWmin: 5, CWmax: 10, Aifs: 7, TXop: 0.
Using interface wlan0 with hwaddr 00:22:c0:2f:e7:7a and ssid 'fl2440_wifi'
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 0 - CWmin: 2, CWmax: 3, Aifs: 1, TXop: 47.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 1 - CWmin: 3, CWmax: 4, Aifs: 1, TXop: 94.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 2 - CWmin: 4, CWmax: 6, Aifs: 3, TXop: 0.
phy0 -> rt2x00mac_conf_tx: Info - Configured TX queue 3 - CWmin: 4, CWmax: 10, Aifs: 7, TXop: 0.

／／到此开启热点成功，可以用手机搜到热点，用ifconfig查看发现多了一个连接

>: ifconfig
eth0      Link encap:Ethernet  HWaddr 36:D5:CE:0E:84:33  
          inet addr:192.168.1.111  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8574 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8068 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:4562704 (4.3 MiB)  TX bytes:371170 (362.4 KiB)
          Interrupt:51 Base address:0x2300 


mon.wlan0 Link encap:UNSPEC  HWaddr 00-22-C0-2F-E7-7A-00-00-00-00-00-00-00-00-00-00  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1511 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:408733 (399.1 KiB)  TX bytes:0 (0.0 B)


wlan0     Link encap:Ethernet  HWaddr 00:22:C0:2F:E7:7A  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

5.为了使手机电脑连接上热点自动获取IP，需要启动DHCP服务器
1）配置文件udhcpd.conf，可以参考网上的资料

vi /etc/udhcpd.conf

start 192.168.2.20
end 192.168.2.254　　
//ip池开始和结束在同一网段即可，因为一级路由网关是192.168.1.1，所以二级路由（无线网卡）不再用点一网段．
interface wlan0　　
opt dns 114.114.114.114 
option subnet 255.255.225.0
opt router 192.168.2.1　//与ip池在同一网段
option lease 7200　

mkdir -p /var/lib/misc/

touch /var/lib/misc/udhcpd.leases  //在路径/var/lib/misc/下创建一个租赁文件
ifconfig wlan0 192.168.2.1 netmask 255.255.255.0
udhcpd /etc/udhcpd.conf  //启动DHCP服务

到此可以连接热点，但还不能上网

6.关于连接热点上网，使用防火墙策略．

1）iptables移植

wget https://coding.net/u/sfantree/p/self_use_OSS/git/raw/master/source/iptables-1.4.12.tar.bz2
tar -xjf iptables-1.4.12.tar.bz2

[luminqi@localhost iptables-1.4.12]$ ./configure --prefix=/home/luminqi/fl2440/3rdparty/iptables --host=arm-linux --enable-static --disable-shared  --disable-ipv6 --disable-largefile CC=/opt/buildroot-2012.08/arm920t/usr/bin/arm-linux-gcc
make
make install
需要的是/home/luminqi/fl2440/3rdparty/iptables/sbin/xtables-multi，将xtables-multi移植到开发板/bin/，并将xtables-multi重命名为iptables，移植之后注意给权限．

2)保证有线网卡可以上网，用网线连接开发板和一级路由器（一级路由器动态分配ip给eth0）
ifconfig eth0 up
udhcpc -i eth0

3)开发板加上无线网卡rt3070作为２级路由使用
ifconfig wlan0 192.168.2.1　　／／手动分配ip给wlan0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

／／开启转发功能，允许已建立连接和相关连接对内转发
iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISH -j ACCEPT 

／／实现对外转发，数据包从ｗｌａｎ０流向ｅｔｈ０
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

／／开启Ｌｉｎｕｘ的转发功能
cat /proc/sys/net/ipv4/ip_forward　／／默认为零，表示禁止数据包转发，将其修改为１，表示允许转发
echo 1 >/proc/sys/net/ipv4/ip_forward
到此连上wifi就可以上网了