access-point.sh

### BEGIN INIT INFO
# Provides:          access-point
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Control hostapd access point
# Description:       Control hostapd Wifi access point on Raspberry Pi 3 running Kali Linux
### END INIT INFO
MENUDIR=./
dnsmasq=/etc/dnsmasq-dhcpd.conf
ras_ap=/etc/ras-ap.conf

start() {
	echo "--------------------------------"
	echo "   START Remote Access WiFi AP"
	echo "--------------------------------"
	# Do we have the required configuration files?
	if [ ! -e $ras_ap ]; then
		install
	fi

        if [ -f /usr/bin/nexutil ]; then
            sleep 2
	    iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up
	    ip link show dev mon0
        fi
        if [ -f /var/lib/misc/dnsmasq.leases ]; then
            rm /var/lib/misc/dnsmasq.leases
        fi

        upstream=usb0
        phy=wlan0
        hostapd=/usr/sbin/hostapd
	
	# We neeed network-manager to manage other devices but not the Wifi
	#wpasupplicant=/etc/network/if-up.d/wpasupplicant
	#if [ \( -L "${wpasupplicant}" \) ]; then
	#	echo "Removing wpasupplicant file"
	#	echo $wpasupplicant
	#	rm /etc/network/if-up.d/wpasupplicant
	#fi
        #service network-manager stop
        rfkill unblock wlan

        ip link set dev $phy up

        sed -i "s/^interface=.*$/interface=$phy/" $ras_ap
        $hostapd $ras_ap&
        sleep 5
        ip addr add 192.168.201.1/24 dev $phy
        route add -net 192.168.201.0 netmask 255.255.255.0 gw 192.168.201.1

        dnsmasq -z -C $dnsmasq -i $phy -I lo

##        #Enable NAT
        echo '1' > /proc/sys/net/ipv4/ip_forward
        iptables --policy INPUT ACCEPT
        iptables --policy FORWARD ACCEPT
        iptables --policy OUTPUT ACCEPT
        iptables -F
        iptables -t nat -F
        iptables -t nat -A POSTROUTING -o $upstream -j MASQUERADE
        iptables -A FORWARD -i $phy -o $upstream -j ACCEPT

}

stop() {

        echo "---------------------------------------"
        echo "   STOP Remote Access Wifi-AP SERVICES "
        echo "---------------------------------------"
        pkill dnsmasq
        pkill hostapd
        pkill python
	ip addr del 192.168.201.1/24 dev $phy
        if [ -f /usr/bin/nexutil ]; then
            ifconfig mon0 down 
	    iw dev mon0 del
	    ip link show dev mon0
        fi
}

install() {
	echo "Creating.. $ras_ap"
	cat <<EOT >> $ras_ap
interface=wlan0
driver=nl80211
ssid=_maat
#ignore_broadcast_ssid=1
hw_mode=g
channel=11
ieee80211n=1
wmm_enabled=1
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
macaddr_acl=0
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=YourPassword
wpa_pairwise=TKIP
rsn_pairwise=CCMP
EOT

	echo "Creating.. $dnsmasq"
        cat <<EOT >> $dnsmasq
dhcp-range=192.168.201.100,192.168.201.254,1h
dhcp-option=6,192.168.201.1,8.8.8.8 #DNS
dhcp-option=3,192.168.201.1 #Gateway
dhcp-option=252,"http://wpad.example.com/wpad.dat\n" #WPAD
dhcp-authoritative
log-queries
EOT

}

case "$1" in
    start)
       start
       ;;
    stop)
       stop
       ;;
    restart)
       	stop
       	start
	;;
    force-reload)
	;;
    install)
	install
	;;
    status)
        PID=$(ps auxww | grep "[r]as-ap.conf" | awk '{print $2}')
        if test ${PID:-0} -gt 0
        then
            echo "RAS-AP is running."
            return 1
        else
            echo "RAS-AP is not running."
            return 0
        fi
       ;;
    *)
       echo "Usage: $0 {start|stop|status|restart|install}"
esac