Yocto build: AP and Cellular

yocto_setup.sh

# This version:
# brings WiFi in from the Huawei adapter on eth1
# pushes WiFi out from the built in adapter on wlan0
# sets up an ip address on 192.168.5.2 to ssh into from another computer


# Update network interfaces
#
cat << EOF > /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
  address 10.10.0.1
  netmask 255.0.0.0

auto wlan0
iface wlan0 inet static
  address 192.168.5.1
  netmask 255.255.255.0

auto eth1
iface eth1 inet dhcp
EOF

##################################################
# Setup hostapd
#
cat << EOF > /etc/hostapd.conf
# This is the name of the WiFi interface we configured above
interface=wlan0
# Use the nl80211 driver with the brcmfmac driver
driver=nl80211
# This is the name of the network
ssid=_wingnet_
# Use the 2.4GHz band
hw_mode=g
# Use channel 11 because 6 is crowded
channel=11
# Enable 802.11n
ieee80211n=1
# Enable WMM
wmm_enabled=1
# Enable 40MHz channels with 20ns guard interval
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
# Accept all MAC addresses
macaddr_acl=0
# Use WPA authentication
auth_algs=1
# Require clients to know the network name
ignore_broadcast_ssid=0
# Use WPA2
wpa=2
# Use a pre-shared key
wpa_key_mgmt=WPA-PSK
# The network passphrase
wpa_passphrase=wingpass
# Use AES, instead of TKIP
rsn_pairwise=CCMP
EOF

##################################################
# Setup dnsmasq.conf
#
mv /etc/dnsmasq.conf /etc/dnsmasq.conf.default
cat << EOF > /etc/dnsmasq.conf
interface=wlan0
port=53
bind-interfaces      # Bind to wifi interface
server=8.8.8.8       # Forward DNS requests to Google DNS
no-poll
bogus-priv           # Never forward addresses in the non-routed address spaces.
neg-ttl=3600
cache-size=1000
dns-forward-max=150
domain-needed        # Don't forward short names
dhcp-range=192.168.5.10,192.168.5.25,2h
EOF

##################################################
# UFW
#
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

sed -i 's/IPV6=yes/IPV6=no/' /etc/default/ufw
sed -i 's/DEFAULT_INPUT_POLICY="DROP"/DEFAULT_INPUT_POLICY="ACCEPT"/' /etc/default/ufw
sed -i 's/DEFAULT_FORWARD_POLICY="DROP"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw
sed -i 's/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf
sed -i 's;\#net/ipv4/ip_forward=1;net/ipv4/ip_forward=1;' /etc/ufw/sysctl.conf

cat >> /etc/ufw/before.rules << EOF
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]

# Forward traffic through eth1 - Change to match you out-interface
-A POSTROUTING -s 192.168.5.0/24 -o eth1 -j MASQUERADE

# don't delete the 'COMMIT' line or these nat table rules won't
# be processed
COMMIT
EOF

# Enable UFW
ufw enable

##################################################
# Script to check The Internet status
cat << EOF > /home/root/test_internet.sh
#!/bin/bash
while true
do
    wget -q --tries=10 --timeout=20 -O - http://google.com > /dev/null
    if [[ $? -eq 0 ]]; then
        echo $(date) "1"
        break
    else
        echo $(date) "0"
        ifdown eth1
        ifup eth1
    fi
    sleep 5
done
EOF

##################################################
# Start it up!

cat << EOF > /etc/crontab
@reboot root /home/root/test_internet.sh &
@reboot root /usr/sbin/ufw enable
@reboot root /etc/init.d/hostapd restart
@reboot root /etc/init.d/dnsmasq restart
EOF

##################################################
# Reboot
shutdown -r now

# Credit to:
# https://github.com/mbanders/raspberry_access_point