Search by Tags

Wireless Access Point Mode

 
Applicable for

Tags

Article updated at 09 Oct 2019
Compare with Revision




Subscribe for this article updates

Introduction

This article describes how to setup a Wi-Fi Access Point, sometimes referred to as AP mode, using open source software Hostapd.

First of all, make sure that the Wi-Fi adapter supports Access Point mode. You can check which Toradex modules have built-in Wi-Fi in the Wifi\BT enabled Toradex SoMs article, and for other modules in the WiFi\BT adapters article.

Prerequisites

This setup was tested using the following hardware and software:

  • Embedded Linux BSP release 2.8
  • Colibri iMX6ULL 512MB WB IT V1.1A.

Instructions may vary when using other Wi-Fi adapters.

Configure AP Mode

Steps are provided for configuring AP mode.

Get the Correct Interface Name

Check current mode and available interfaces, you should see a single interface in AP mode, like this:

$ iw dev
phy#0
        Interface <IF_NAME>
                ifindex 5
                wdev 0x2
                addr d0:c5:d3:33:cd:31
                type **AP**
                txpower 0.00 dBm

Considering the test environment from Prerequisites section, the name of the interface is uap0.

Configure Hostapd

Set the Access Point interface IP and SSID in Hostapd configuration file. Change the following variables in /etc/hostapd.conf:

/etc/hostapd.conf
interface=<IF_NAME> # Access Point interface name ssid=access-point # SSID hw_mode=g # default channel=1 # default own_ip_addr=192.168.8.1 # IP address of the Access Point interface #wpa=1 # no wpa

To provide the Access Point interface with a static IP address and DHCP, it is necessary to create the file /etc/systemd/network/hostapd.network:

/etc/systemd/network/hostapd.network
[Match] Name=<IF_NAME> [Network] Address=192.168.8.1/24 DHCPServer=yes

The Hostapd service starts concurrently with the network manager and it fails. To work around this, edit the property After from file /lib/systemd/system/hostapd.service:

/lib/systemd/system/hostapd.service
# After=network.target After=multi-user.target

Reload the systemd configuration:

systemctl --system daemon-reload

Enble Hostapd

At last, activate the following services:

$ connmanctl enable wifi
$ systemctl enable hostapd
$ systemctl start hostapd

Check the Access Point interface:

$ ip a s dev <IF_NAME>

Now you can connect to this Access Point from other Wi-Fi devices. Access Point will automatically start after reboot.

Configure Internet Sharing

Once AP Mode is configured, it's a common scenario to share internet connection from another interface. This section relies in the Internet Sharing article from the Arch Wiki.

Enable Packet Forwarding

Create a file to add the packet forwarding rules:

/etc/sysctl.d/30-ipforward.conf
net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1

The changes will take effect after a reboot.

Enable NAT

NAT relies on kernel configuration and userspace tools. This section is thus split in two.

Kernel Configuration

For the example from this article, we have to make sure that the following kernel parameters are enabled. You have to evaluate if additional parameters are required for your use case:

CONFIG_IP_NF_IPTABLES=y
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y

You will find those configs in Networking support > Networking options > Network packet filtering framework (Netfilter). See an illustration (you may click it to see in higher resolution):


  • Core Netfilter Configuration

    Core Netfilter Configuration Menu

It may be possible to compile those configs as modules - check the kernel documentation. For instructions on how to build the kernel or modules, read the article Build U-Boot and Linux Kernel from Source Code.

After the new kernel is deployed, you can verify if it has the correct configs:

zcat /proc/config.gz | grep IP_NF_IPTABLES
zcat /proc/config.gz | grep NETFILTER_XT_MATCH_CONNTRACK

iptables Configuration and Setup

You might have to enable some kernel modules, depending on your configuration.

You can use iptables to enable NAT and a systemd service to make it start on reboot. First, enable the rules for the current session:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i uap0 -o eth0 -j ACCEPT

Save the current config to /etc/iptables/iptables.rules:

mkdir /etc/iptables/
iptables-save > /etc/iptables/iptables.rules

Create a systemd service file iptables.service. The example is modified from the iptables package from Arch Linux:

/lib/systemd/system/iptables.service
[Unit]
Description=IPv4 Packet Filtering Framework
Before=network-pre.target
Wants=network-pre.target
 
[Service]
Type=oneshot
ExecStart=/usr/sbin/iptables-restore /etc/iptables/iptables.rules
ExecReload=/usr/sbin/iptables-restore /etc/iptables/iptables.rules
RemainAfterExit=yes
 
[Install]
WantedBy=multi-user.target

Notice that in the example above we don't have a rule to stop the service. Carefully evaluate if you need it and the best method for stopping the service, where a good starting point is the iptables package aforementioned.

Reload the systemd services and enable:

systemctl --system daemon-reload
systemctl enable iptables

Enable DHCP and DNS

There are utils that can enable both DHCP and DNS servers. You might want to use dhcpd or dnsmasq.