0 [Kubuntu 11.10] Sharing 3G internet over Wi-Fi using HostAPd

[UPDATE: There is an easier way to do this now. Recent versions of Ubuntu have an option in the Network Manager GUI to share one internet connection over a LAN or WLAN. So the following notes are for background only.]

In case they are useful, I've pasted below this message the Linux config files needed to share a 3G internet connection over WPA Wi-Fi, by using Ubuntu Linux and HostAPd to make your own wireless access point.

I used this setup today to share a 3G connection from Linux to an XKryptor VPN laptop, and to an iPhone accessing the iTunes store. (Aside: the iPhone has its own 3G connection, but due to Apple / O2 policy, it refuses to download podcasts >10MB unless it thinks it's on Wi-Fi! Another solution for that might be to jailbreak the iPhone using Pwnage Tool, install HostAPd on it, then see if it will connect to itself...)

Anyway, here goes... Of course you'll need to tweak these files slightly to set your own ESSID and WPA passphrase. These files are taken from a laptop using an Atheros WLAN card and MadWifi drivers, running Ubuntu 7.04 Feisty Fawn. Your mileage may vary if you have a different configuration, but Ubuntu comes with commented templates for the various config files, so you can always read those as a starting point if something doesn't work.

• Bring up the 3G card with KPPP (say) under Ubuntu Linux. The 3G thingy will be ppp0.


• Configure /etc/hostapd/hostapd.conf
  

      interface=ath0
      driver=madwifi
  
      ctrl_interface=/var/run/hostapd
      ctrl_interface_group=0
  
      ssid=your_ssid_here
      max_num_sta=255
      macaddr_acl=0
      auth_algs=3
  
      wme_enabled=0
      ieee8021x=0
      eapol_key_index_workaround=0
      eap_server=0
      own_ip_addr=127.0.0.1
  
      wpa=1
      wpa_passphrase=your_ultra_secret_keyphrase_goes_here
      wpa_key_mgmt=WPA-PSK
      wpa_pairwise=TKIP
      wpa_group_rekey=600
      wpa_gmk_rekey=86400

  
  


• Configure /etc/dhcp3/dhcpd.conf. (XK VPN users, please change the 10.x.x.x range to avoid a clash due to a bug in the XK VPN concentrator...)
  

      ddns-update-style none;
  
      default-lease-time 600;
      max-lease-time 7200;
  
      log-facility local7;
  
      option domain-name-servers 208.67.220.220,208.67.222.222 ;
        subnet 10.42.43.0 netmask 255.255.255.0 {
        range 10.42.43.50 10.42.43.70;
        option subnet-mask 255.255.255.0;
        option broadcast-address 10.42.43.255;
        option routers 10.42.43.1;
        }

  
  


• Create a script to fire it all up when required:
  

      cat > /usr/local/sbin/gohostapd
      #/bin/sh
  
      rmmod ath_pci
  
      modprobe ath_pci autocreate=ap
  
      iwconfig ath0 mode Master freq 2.42G essid your_ssid_here
      sleep 2
      ifconfig ath0 10.42.43.1/24
  
      iptables -t nat -A POSTROUTING -s 10.42.43.0/24 -o ppp0 -j MASQUERADE
      iptables -A FORWARD -s 10.42.43.0/24 -o ppp0 -j ACCEPT
      iptables -A FORWARD -d 10.42.43.0/24 -m state --state
      ESTABLISHED,RELATED -i ppp0 -j ACCEPT
  
      echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
  
      echo 'INTERFACES=ath0' >/etc/default/dhcp
  
      dhcpd3 ath0
  
      hostapd -d /etc/hostapd/hostapd.conf

  
  

Once hostapd is running, you can run hostapd_cli to monitor the clients.

You might want to disable any Linux network services before running this. My machine doesn't offer any open network ports, so I haven't bothered checking the iptables rules too closely - they just do the NAT stuff so that traffic from the Wi-Fi clients gets routed properly.

Sumber: http://www.net42.co.uk/os/linux/sharing_3g_with_hostapd.html

Komentar →