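Two earlier articles, the pcDuino kernel development guide and the port of the rt5370 soft AP driver, are the foundation for this one. If you want to reproduce the result described here, complete the steps in those articles first.
(1) iptables support
The pcDuino kernel does not support NAT. The obvious sign is that when you run iptables -L, it tells you that the kernel needs to be upgraded. To get NAT working, the kernel must be reconfigured. For the configuration procedure see the earlier article; only the options to enable are listed here.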
[*] Networking support --->
    Networking options --->
        [*] Network packet filtering framework (Netfilter) --->
            Core Netfilter Configuration --->
                -*- Netfilter LOG over NFNETLINK interface
                <*> Netfilter connection tracking support
                -*- Netfilter Xtables support (required for ip_tables)
            IP: Netfilter Configuration --->
After configuring, rebuild the kernel and flash the newly built kernel. Reboot the system and run:
root@ubuntu :/home/ubuntu# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
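This is iptables with no filtering or forwarding rules added.
(2) hostapd
hostapd is a user-space daemon for access points and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP authentication, a RADIUS client, an EAP server and a RADIUS authentication server. The drivers supported on Linux are Host AP, madwifi, and mac80211-based drivers.
The pcDuino software repository does include hostapd, but that package cannot be used to build a Wi-Fi hotspot because of a problem with how it was configured; the reason becomes clear in the steps below.
The hostapd source code can be downloaded from the official site at http://hostap.epitest.fi/hostapd/. Because the rt5370 is not very new hardware, choose version 1.0 from http://hostap.epitest.fi/releases/. After the download completes: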
tar xvf hostapd-1.0.tar.gz
cd hostapd-1.0/hostapd/
vim defconfig
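Find #CONFIG_IEEE80211N=y and remove the leading # to uncomment it. The hostapd obtained through apt-get was built without this option, and when used it reports:
nl80211: 'nl80211' generic netlink not found
Failed to initialize driver 'nl80211'
After making the change:
cp defconfig .config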
make
make install
An error occurs during make. The error output is:
../src/drivers/driver_nl80211.c:19:31: fatal error: netlink/genl/genl.h: No such file or directory
compilation terminated.
make: *** [../src/drivers/driver_nl80211.o] Error 1
Some libraries need to be installed here.
sudo apt-get install libnl-dev
sudo apt-get install libssl-dev
After installation, run hostapd -v:
root@ubuntu :~# hostapd -v
hostapd v1.0
User space daemon for IEEE 802.11 AP management,
IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Copyright (c) 2002-2012, Jouni Malinen <[email protected]> and contributors
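The version information is displayed, which means the installation succeeded.
(3) Configuring hostapd
Edit /etc/hostapd.conf with vim; its contents are as follows: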
root@ubuntu :~# vim /etc/hostapd.conf
interface=wlan3
driver=nl80211
ssid=China
hw_mode=g
channel=11
dtim_period=1
rts_threshold=2347
fragm_threshold=2346
macaddr_acl=0
auth_algs=1
ieee80211n=0
wpa=2
wpa_passphrase=1234567890
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
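From the configuration file you can see the settings of the Wi-Fi hotspot being shared:
Name: ssid=China
Password: wpa_passphrase=1234567890
Encryption: wpa_key_mgmt=WPA-PSK
After saving, run hostapd -dd /etc/hostapd.conf. It prints the following information.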
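A check of the settings listed above, as an added example that is not part of the original post: the script reads the WPA-related keys of a hostapd.conf and reports weak choices. The helper names and the 12-character minimum are assumptions; the sample input is the relevant lines of the post's own configuration.

```shell
# Added example, not from the original post. conf_get, audit_hostapd_conf and
# sample_conf are hypothetical names; MIN_LEN is an assumed local policy value.
MIN_LEN=12

# Value of the last "key=value" line for key $2 in file $1 (empty if unset).
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# Print one finding per line for file $1; print nothing if every check passes.
audit_hostapd_conf() {
    wpa=$(conf_get "$1" wpa)
    pass=$(conf_get "$1" wpa_passphrase)
    wpa_pw=$(conf_get "$1" wpa_pairwise)
    rsn_pw=$(conf_get "$1" rsn_pairwise)
    wpa_pw=${wpa_pw:-TKIP}      # hostapd default when wpa_pairwise is unset
    rsn_pw=${rsn_pw:-$wpa_pw}   # rsn_pairwise falls back to wpa_pairwise

    case "$wpa" in
        ''|0) echo "OPEN: wpa is unset or 0, so traffic is not encrypted"
              return 0 ;;
        1|3)  echo "WPA1: wpa=$wpa still offers WPA version 1"
              case " $wpa_pw " in
                  *" TKIP "*) echo "TKIP: WPA1 pairwise ciphers include TKIP" ;;
              esac ;;
    esac
    case "$wpa" in
        2|3) case " $rsn_pw " in
                 *" TKIP "*) echo "TKIP: WPA2 pairwise ciphers include TKIP" ;;
             esac ;;
    esac
    [ -n "$pass" ] || return 0   # wpa_psk may be used instead of a passphrase
    [ "${#pass}" -ge "$MIN_LEN" ] ||
        echo "PASS_SHORT: passphrase has ${#pass} characters, fewer than $MIN_LEN"
    case "$pass" in
        *[!0-9]*) ;;
        *) echo "PASS_DIGITS: passphrase is digits only" ;;
    esac
    return 0
}

# The lines of the post's /etc/hostapd.conf that the checks read.
sample_conf() {
    printf '%s\n' wpa=2 wpa_passphrase=1234567890 wpa_key_mgmt=WPA-PSK \
        wpa_pairwise=TKIP rsn_pairwise=CCMP
}

tmp=$(mktemp) && sample_conf > "$tmp" && audit_hostapd_conf "$tmp"
rm -f "$tmp"
```

On the post's configuration it reports the 10-character, digits-only passphrase. It raises no TKIP finding, because with wpa=2 the pairwise cipher comes from rsn_pairwise=CCMP.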
root@ubuntu :~# hostapd -dd /etc/hostapd.conf
random: Trying to read entropy from /dev/random
Configuration file: /etc/hostapd.conf
nl80211: interface wlan3 in phy phy3
rfkill: initial event: idx=0 type=2 op=0 soft=0 hard=0
rfkill: initial event: idx=4 type=1 op=0 soft=0 hard=0
nl80211: Using driver-based off-channel TX
nl80211: Register frame command failed (type=208): ret=-114 (Operation already in progress)
nl80211: Register frame match - hexdump(len=1): 06
nl80211: Failed to register Action frame processing - ignore for now
nl80211: Add own interface ifindex 23
nl80211: Set mode ifindex 23 iftype 3 (AP)
nl80211: Create interface iftype 6 (MONITOR)
Failed to create interface mon.wlan3: -23 (Too many open files in system)
Try to remove and re-create mon.wlan3
nl80211: Remove interface ifindex=37
nl80211: Create interface iftype 6 (MONITOR)
nl80211: New interface mon.wlan3 created: ifindex=38
nl80211: Add own interface ifindex 38
BSS count 1, BSSID mask 00:00:00:00:00:00 (0 bits)
nl80211: Regulatory information - country=00
nl80211: 2402-2472 @ 40 MHz
nl80211: 2457-2482 @ 40 MHz
nl80211: 2474-2494 @ 20 MHz
nl80211: 5170-5250 @ 40 MHz
nl80211: 5735-5835 @ 40 MHz
nl80211: Added 802.11b mode based on 802.11g information
Allowed channel: mode=1 chan=1 freq=2412 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=2 freq=2417 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=3 freq=2422 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=4 freq=2427 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=5 freq=2432 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=6 freq=2437 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=7 freq=2442 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=8 freq=2447 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=9 freq=2452 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=10 freq=2457 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=11 freq=2462 MHz max_tx_power=20 dBm
Allowed channel: mode=1 chan=13 freq=2472 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=1 freq=2412 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=2 freq=2417 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=3 freq=2422 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=4 freq=2427 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=5 freq=2432 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=6 freq=2437 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=7 freq=2442 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=8 freq=2447 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=9 freq=2452 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=10 freq=2457 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=11 freq=2462 MHz max_tx_power=20 dBm
Allowed channel: mode=0 chan=13 freq=2472 MHz max_tx_power=20 dBm
Completing interface initialization
Mode: IEEE 802.11g Channel: 11 Frequency: 2462 MHz
nl80211: Set freq 2462 (ht_enabled=0 sec_channel_offset=0)
RATE[0] rate=10 flags=0x1
RATE[1] rate=20 flags=0x1
RATE[2] rate=55 flags=0x1
RATE[3] rate=110 flags=0x1
RATE[4] rate=60 flags=0x0
RATE[5] rate=90 flags=0x0
RATE[6] rate=120 flags=0x0
RATE[7] rate=180 flags=0x0
RATE[8] rate=240 flags=0x0
RATE[9] rate=360 flags=0x0
RATE[10] rate=480 flags=0x0
RATE[11] rate=540 flags=0x0
Flushing old station entries
Deauthenticate all stations
wpa_driver_nl80211_set_key: ifindex=23 alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=23 alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=23 alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0
wpa_driver_nl80211_set_key: ifindex=23 alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0
Using interface wlan3 with hwaddr 00:c3:16:a0:03:ca and ssid 'China'
Deriving WPA PSK based on passphrase
SSID - hexdump_ascii(len=5):
43 68 69 6e 61 China
PSK (ASCII passphrase) - hexdump_ascii(len=10): [REMOVED]
PSK (from passphrase) - hexdump(len=32): [REMOVED]
random: Got 20/20 bytes from /dev/random
Get randomness: len=32 entropy=0
GMK - hexdump(len=32): [REMOVED]
Get randomness: len=32 entropy=0
Key Counter - hexdump(len=32): [REMOVED]
WPA: Delay group state machine start until Beacon frames have been configured
nl80211: Set beacon (beacon_set=0)
WPA: Start group state machine to set initial keys
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
Get randomness: len=16 entropy=0
GTK - hexdump(len=16): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
wpa_driver_nl80211_set_key: ifindex=23 alg=3 addr=0x3b864 key_idx=1 set_tx=1 seq_len=0 key_len=16
broadcast key
wpa_driver_nl80211_set_operstate: operstate 0->1 (UP)
netlink: Operstate: linkmode=-1, operstate=6
wlan3: Setup of interface done.
RTM_NEWLINK: operstate=1 ifi_flags=0x1002 ()
nl80211: Ignore interface down event since interface wlan3 is up
nl80211: Ignore event for foreign ifindex 37
nl80211: Ignore dellink event for foreign ifindex 37
RTM_NEWLINK: operstate=1 ifi_flags=0x1002 ()
nl80211: Ignore interface down event since interface mon.wlan3 is up
RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'mon.wlan3' added
Unknown event 5
RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan3' added
nl80211: if_removed already cleared - ignore event
nl80211: Event message available
nl80211: Delete station c4:6a:b7:69:9c:14
mgmt::deauth cb
Add randomness: count=1 entropy=0
Add randomness: count=2 entropy=1
Add randomness: count=3 entropy=2
Add randomness: count=4 entropy=3
Add randomness: count=5 entropy=4
Add randomness: count=6 entropy=5
Add randomness: count=7 entropy=6
Add randomness: count=8 entropy=7
Add randomness: count=9 entropy=8
Add randomness: count=10 entropy=9
Add randomness: count=11 entropy=10
Add randomness: count=12 entropy=11
Add randomness: count=13 entropy=12
Add randomness: count=14 entropy=13
Add randomness: count=15 entropy=14
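The output above contains the line nl80211: Failed to register Action frame processing - ignore for now. As the message says, it has been ignored, which means this error is not important; if it were important, hostapd would stop.
One thing to note here: hostapd -dd /etc/hostapd.conf does not exit on its own. It keeps adding random numbers for encryption and decryption, so it has to be interrupted manually with Ctrl+C.
(4) Installing the DHCP server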
sudo apt-get install dhcp3-server
Once that is done, the DHCP server needs to be configured.
vim /etc/dhcp/dhcpd.conf
Append the following at the end:
subnet 192.168.0.0 netmask 255.255.255.0
{
range 192.168.0.2 192.168.0.10;
option routers 192.168.0.1; # gateway, i.e. the IP address of wlan3
option domain-name-servers 8.8.8.8;
}
Restart hostapd; the -B option runs hostapd in the background.
sudo killall hostapd
hostapd -B /etc/hostapd.conf
Set the IP address of the wireless interface
ifconfig wlan3 192.168.0.1
Start the DHCP server
$ dhcpd wlan3 -pf /var/run/dhcp-server/dhcpd.pid
Enable IP forwarding
echo 1 >/proc/sys/net/ipv4/ip_forward
Set up NAT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
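With the FORWARD policy left at ACCEPT, as in the iptables -L output earlier, enabling ip_forward lets the board route between any of its interfaces, not only from the hotspot to eth0. The following added example (not part of the original post) prints a narrower rule set for the post's interfaces and subnet; ap_nat_rules and apply_ap_nat_rules are hypothetical helper names, and the conntrack match is assumed to be available in the kernel, which the post's option list does not show.

```shell
# Added example, not from the original post. Assumes the kernel provides the
# iptables conntrack match (xt_conntrack) in addition to connection tracking.
AP_IF=wlan3              # hotspot interface used in the post
WAN_IF=eth0              # uplink interface used in the post
AP_NET=192.168.0.0/24    # subnet from the post's dhcpd.conf

# Print the iptables commands, one per line, without running them.
ap_nat_rules() {
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -i $AP_IF -o $WAN_IF -s $AP_NET -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $AP_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $AP_NET -o $WAN_IF -j MASQUERADE
EOF
}

# Run the printed commands in order; requires root, stops at the first failure.
apply_ap_nat_rules() {
    [ "$(id -u)" -eq 0 ] || { echo "must be root" >&2; return 1; }
    ap_nat_rules | while read -r cmd; do
        $cmd || exit 1
    done
}

# Default is a dry run that only prints; pass "apply" to install the rules.
if [ "${1:-}" = "apply" ]; then
    apply_ap_nat_rules
else
    ap_nat_rules
fi
```

The first rule makes dropping the default for forwarded packets; the next two allow hotspot clients out through eth0 and let only reply traffic back in. The MASQUERADE rule is the post's rule limited to the hotspot subnet.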
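Pictures as proof: below are images of the pcDuino working as an AP.
First, a computer connected to the AP
A Xiaomi phone connected to the AP
A Samsung S3 connected to the AP
Next, check the pcDuino's IP address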
wlan3 Link encap:Ethernet HWaddr 00:c3:16:a0:03:ca
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::2c3:16ff:fea0:3ca/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5862 errors:0 dropped:0 overruns:0 frame:0
TX packets:4221 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1204735 (1.2 MB) TX bytes:907948 (907.9 KB)