Setup AP network with local dns routing on RaspberryPi

setup-ap.sh

#!/bin/bash

if [[ "$EUID" -ne 0 ]]; then
    echo -e "\e[31mPlease run as root\e[0m"
    exit 1
fi

read -p "Please provide your new SSID: " SSID

read -p "Please provide your new AP network (i.e. 192.168.1.X). Remember to put X at the end!!! " NETWORK 
if [ `echo ${NETWORK} | grep X$ | wc -l` -eq 0 ]; then
    echo -e "\e[31mInvalid AP network provided... No X was found at the end of you input.\e[0m"
    exit 2
fi

ADDRESS=`echo ${NETWORK} | sed -e "s/X/1/"`
LOWER_ADDR=`echo ${NETWORK} | sed -e "s/X/10/"`
UPPER_ADDR=`echo ${NETWORK} | sed -e "s/X/250/"`
BROADCAST=`echo ${NETWORK} | sed -e "s/X/255/"`


read -p "Please provide the domaine name you want to respond (\"#\" for wildcard): " DOMAIN

echo -e "\e[1mUpdating repositories...\e[0m"
apt-get update

echo -e "\e[1mDownloading and installing packages: hostapd dnsmasq iptables.\e[0m" 
apt-get -y install hostapd dnsmasq iptables


if [ `lsusb | grep "RTL8188CUS\|RTL8192CU" | wc -l` -ne 0 ]; then
    echo -e "\e[1mYour WiFi is based on the chipset that requires special version of hostapd.\e[0m"
    echo -e "\e[1mSetup will download it for you.\e[0m"
    CHIPSET="yes"
else
    echo -e "\e[1mSome of the WiFi chipset require special version of hostapd.\e[0m"
    echo -e "\e[1mPlease answer yes if you want to have different version of hostapd downloaded.\e[0m"
    echo "(it is not recommended unless you had experienced issues with running regular hostapd)"
    read ANSWER
    if [ ${ANSWER,,} = "yes" ]; then
        CHIPSET="yes"
    else
        CHIPSET="no"
    fi
fi


if [ ${CHIPSET} = "yes" ]; then 
    wget http://www.daveconroy.com/wp3/wp-content/uploads/2013/07/hostapd.zip
    unzip hostapd.zip
    mv hostapd /usr/sbin/hostapd
    chown root:root /usr/sbin/hostapd
    chmod 755 /usr/sbin/hostapd
fi


echo -e "\e[1mConfigure: /etc/hostapd/hostapd.conf\e[0m"
if [ ! -f /etc/hostapd/hostapd.conf ]; then
    touch /etc/hostapd/hostapd.conf
else
    cp /etc/hostapd/hostapd.conf /etc/hostapd/hostapd.conf.bak
fi
echo "interface=wlan0"           >  /etc/hostapd/hostapd.conf
if [ ${CHIPSET} = "yes" ]; then
    echo "driver=rtl871xdrv"     >> /etc/hostapd/hostapd.conf
    echo "ieee80211n=1"          >> /etc/hostapd/hostapd.conf
    echo "device_name=Wireless AP" >> /etc/hostapd/hostapd.conf
    echo "manufacturer=Realtek"  >> /etc/hostapd/hostapd.conf
else
    echo "driver=nl80211"        >> /etc/hostapd/hostapd.conf
fi
echo "ssid=${SSID}"              >> /etc/hostapd/hostapd.conf
echo "hw_mode=g"                 >> /etc/hostapd/hostapd.conf
echo "channel=1"                 >> /etc/hostapd/hostapd.conf
echo "macaddr_acl=0"             >> /etc/hostapd/hostapd.conf
# echo "ignore_broadcast_ssid=0"   >> /etc/hostapd/hostapd.conf
# echo "wpa=3"                     >> /etc/hostapd/hostapd.conf
# echo "wpa_passphrase=123456789"  >> /etc/hostapd/hostapd.conf
# echo "wpa_key_mgmt=WPA-PSK"      >> /etc/hostapd/hostapd.conf
# echo "wpa_pairwise=TKIP"         >> /etc/hostapd/hostapd.conf
# echo "rsn_pairwise=CCMP"         >> /etc/hostapd/hostapd.conf

cp /etc/default/hostapd /etc/default/hostapd.bak
echo -e "\e[1mConfigure: /etc/default/hostapd\e[0m"
echo "DAEMON_CONF=\"/etc/hostapd/hostapd.conf\"" > /etc/default/hostapd


echo  -e "\e[1mConfigure: /etc/dnsmasq.conf\e[0m"
echo "log-facility=/var/log/dnsmasq.log"           >> /etc/dnsmasq.conf
echo "address=/bitbucket.org/131.103.20.168"       >> /etc/dnsmasq.conf
echo "address=/github.com/192.30.252.130"          >> /etc/dnsmasq.conf
echo "address=/${DOMAIN}/${ADDRESS}"               >> /etc/dnsmasq.conf
# Interface to bind to
echo "interface=wlan0"                             >> /etc/dnsmasq.conf
# Specify starting_range,end_range,lease_time
echo "dhcp-range=${LOWER_ADDR},${UPPER_ADDR},12h" >> /etc/dnsmasq.conf
# disables dnsmasq reading any other files like /etc/resolv.conf for nameservers
echo "no-resolv"                                   >> /etc/dnsmasq.conf
echo "log-queries"                                 >> /etc/dnsmasq.conf


echo -e "\e[1mConfigure: iptables\e[0m"
sudo iptables -F
sudo iptables -i wlan0 -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -i wlan0 -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -i wlan0 -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -i wlan0 -A INPUT -p udp --dport 53 -j ACCEPT
sudo iptables -i wlan0 -A INPUT -p udp --dport 67:68 -j ACCEPT
sudo iptables -i wlan0 -A INPUT -j DROP
sudo sh -c "iptables-save > /etc/iptables.rules"


echo -e "\e[1mConfigure: /etc/network/interfaces\e[0m"
cp /etc/network/interfaces /etc/network/interfaces.bak
echo "auto lo"                                       > /etc/network/interfaces
echo "iface lo inet loopback"                        >> /etc/network/interfaces
echo "auto eth0"                                     >> /etc/network/interfaces
echo "allow-hotplug eth0"                                     >> /etc/network/interfaces
echo "iface eth0 inet dhcp"                          >> /etc/network/interfaces
echo "iface wlan0 inet static"                       >> /etc/network/interfaces
echo "    address ${ADDRESS}"                        >> /etc/network/interfaces
echo "    netmask 255.255.255.0"                     >> /etc/network/interfaces
echo "    broadcast ${BROADCAST}"                    >> /etc/network/interfaces
echo "pre-up iptables-restore < /etc/iptables.rules" >> /etc/network/interfaces


echo -e "\e[1mConfigure: startup\e[0m"
update-rc.d hostapd defaults
update-rc.d dnsmasq defaults

echo -e "\e[1;32mYOU NEED TO RESTART\e[0m"

exit 0

This script needs to download the Realtek 8192CU driver, you must compile it yourself then upload it on a server and put its url in the script at line 44.