Convenient switching wifi in access point mode

Based on the articles ( one , two ).
I know that on Habré and in Google this topic has been discussed more than once, however, when I decided to make my access point “for friends,” I was faced with certain difficulties, and the ready-made solutions turned out to be damp. Therefore, I suggest that inexperienced GNU / Linux users do it the way I did.

Distributing wi-fi from a 3g modem (and from the wired internet) when nothing else is at hand is a noble cause, so we will go through a quick way to get profit. The tutorial is intended for debian-based distributions. We will need hostapd - actually for distributing wi-fi, dnsmasq - for distributing ip-addresses and notify-send (optional) - for notifications. iptables is currently available out of the box. Put hostapd and stop it:

aptitude install hostapd service hostapd stop 

In the / etc / default / hostapd file we uncomment and fix the line:
')

 DAEMON_CONF="/etc/hostapd/hostapd.conf" 

Create and edit the /etc/hostapd/hostapd.conf file

 interface=wlan0 driver=nl80211 ssid=wifi_4_friends hw_mode=g channel=6 wpa=2 wpa_passphrase=12345678 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP rsn_pairwise=CCMP auth_algs=1 macaddr_acl=0 

Everything is simple - the name of the access point, the password, the channel on which the driver will work.
Put dnsmasq and stop it:

 aptitude install dnsmasq service dnsmasq stop 

dnsmasq is good because it has everything and is simple to configure. Open the configuration file /etc/dnsmasq.conf:

 interface=wlan0 dhcp-range=192.168.2.2,192.168.2.100,12h 

It's all very simple, but if necessary, you can add an alternative dns server, and you can also force the hosts to send to 127.0.0.1, thereby blocking them. Details in the dnsmasq man help. One more thing, the dhcp-range addresses must be on the same network with wlan0. if for any reason you will not forcefully change the ip address for wlan0 in the startup script, then specify the pool here the same as in wlan0. For example, at home there is a router with the address 192.168.1.1 and a network of 192.168.1.0/24, then dhcp-range must be specified within this space, and also so that it does not overlap with the pool of addresses issued by the dhcp server of the router. We will go the way easier and we will specify another subnet.

Now disable autoloading daemons:

 update-rc.d hostapd disable update-rc.d dnsmasq disable 

All that remains is to enable / disable routing and add / remove a rule from iptables.

 sysctl net.ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE 

We will do this automatically using a script. Everything is ready, and here is the wifi-ap script itself:

 #!/bin/bash #script to start/stop hostapd, dnsmasq, add/remove iptables rule set -e exec 3>&1 exec 2>&1 >> /tmp/wifi-ap function print_help(){ echo "Start/Stop Software Access Point" echo echo "Usage `basename $0` options..." echo "wifi-ap on to start Software AP" echo "wifi-ap off to stop Software AP" echo echo "log-file - /tmp/wifi-ap" echo } if [ $# = 0 ]; then print_help >&3 exit 0 fi if [ $1 = on ]; then ifconfig wlan0 192.168.2.1 service dnsmasq start sysctl net.ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE service hostapd start notify-send --expire-time=4000 "Software Access Point" "<b>start</b>" exit 0 fi if [ $1 = off ]; then service dnsmasq stop service hostapd stop ifconfig wlan0 192.168.1.4 sysctl net.ipv4.ip_forward=0 iptables -D POSTROUTING -t nat -o ppp0 -j MASQUERADE notify-send --expire-time=4000 "Software Access Point" "<b>stop</b>" exit 0 fi 

It takes 2 parameters, on and off. You can easily correct it for yourself and, if necessary, replace the ppp0 interface with eth0 (or another one, at your discretion).

I am a debian user and do not use sudo, but you may need it.

Enjoy using.