Skip to content

Instantly share code, notes, and snippets.

@vitouXY

vitouXY/wlanap.sh

Created April 8, 2023 05:41
Show Gist options
  • Save vitouXY/3491a33e3ffab47b7879288ff9399b90 to your computer and use it in GitHub Desktop.
Save vitouXY/3491a33e3ffab47b7879288ff9399b90 to your computer and use it in GitHub Desktop.
Download ZIP
RPi | WLAN AP
Raw
wlanap.sh
#!/bin/sh
[ $(id -u) = 0 ] || { echo "must be root" ; exit 1; }
set -o errexit
set -o nounset
set -o pipefail
set -o xtrace
#[ "$(find /sys/class/net/ -type l -name wlan0 2>&-)z" != "z" ] && exit 1
apt-get install wpa_supplicant dnsmasq
apt-get install iptables-persistent
cat << EOF | tee /etc/dnsmasq.d/wlan_ap.conf > /dev/null
#interface=wlan0,usb0
interface=wlan0
except-interface=wlan1
#no-dhcp-interface=lo
#listen-address=127.0.0.1
listen-address=127.0.0.1,10.0.0.1
#port=0
bind-interfaces
dhcp-authoritative
domain-needed
bogus-priv
filterwin2k
#cache-size=150
dhcp-lease-max=255
#log-queries
log-dhcp
#no-resolv
#no-hosts
expand-hosts
addn-hosts=/etc/hosts.wlan_ap
local=/rpi0w.local/
domain=wlan.ap
dhcp-range=10.0.0.100,10.0.0.105,255.255.255.0,12h
# ,ignore
dhcp-host=FF:FF:FF:FF:FF:FF,rpiz2,10.0.0.20,infinite
dhcp-host=ff:ff:ff:ff:ff:ff,picow,10.0.0.21,infinite
dhcp-option=option:netmask,255.255.255.0
dhcp-option=28,10.0.0.255
dhcp-option=option:router,10.0.0.1
#dhcp-option=option:dns-server,10.0.0.1
#dhcp-option=option:dns-server,8.8.8.8,1.1.1.1
dhcp-option=option:dns-server,94.140.14.15,76.76.2.2
# 8.8.8.8 8.8.4.4
# 1.1.1.1 1.0.0.1
# 94.140.14.15 94.140.15.16
# 76.76.2.1 76.76.2.2 76.76.2.3
## https://adguard-dns.io/kb/es/general/dns-providers/
#dhcp-option=option:ntp-server,ntp.shoa.cl
#address=/#/10.0.0.1
address=/gstatic.com/10.0.0.1
address=/connectivitycheck.android.com/10.0.0.1
address=/doubleclick.net/127.0.0.1
address=/outbrain.com/127.0.0.1
address=/taboola.com/127.0.0.1
#conf-file=/etc/dnsmasq.d/extra.conf
#conf-dir=conf-dir=/etc/dnsmasq.d/,*.conf
## $ dnsmasq -C /tmp/dnsmasq.conf
#dhcp-leasefile=/tmp/dnsmasq.leases
#pid-file=/tmp/dnsmasq.pid
#log-facility=-
#log-facility=/tmp/dnsmasq.log
#keep-in-foreground
#no-daemon
EOF
cat << EOF | tee /etc/hosts.wlan_ap > /dev/null
10.0.0.1 rpi0w.local
EOF
cat << EOF | tee /etc/network/interfaces.d/wlan_ap.conf > /dev/null
#auto lo
#iface lo inet loopback
auto wlan0
#allow-hotplug wlan0
#iface wlan0 inet manual
#wpa-driver nl80211
#wpa-roam /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
iface wlan0 inet static
#iface dhcp_server inet static
address 10.0.0.1
netmask 255.255.255.0
#network 10.0.0.0
#gateway 10.0.0.1
## route add default gw 10.0.0.1
#iface default inet dhcp
auto wlan1
allow-hotplug wlan1
iface wlan1 inet dhcp
#iface dhcp_client inet dhcp
EOF
cat << EOF | tee /etc/wpa_supplicant/wpa_supplicant-wlan0.conf > /dev/null
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
#country=PA # US
#eapol_version=1
#ap_scan=1
#fast_reauth=1
#network={
ssid="to_RPi0W"
#bssid=FF:0F:0F:0F:0F:0F
#scan_ssid=1
#proto=WPA
#key_mgmt=NONE
#key_mgmt=WPA-PSK
#psk="p455W0rd"
#scan_freq=2412 2437 2462
#id_str="dhcp_client"
#priority=90
#}
network={
#ssid="from_RPi0W"
# echo -n 🔓 | hexdump # echo -e "\xF0\x9F\x94\x93"
ssid=F09F9493
mode=2
key_mgmt=NONE
#key_mgmt=WPA-PSK
#psk="p455W0rd"
frequency=2412
# (1)2412 (2)2417 (3)2422 (4)2427 (5)2432 (6)2437
# (7)2442 (8)2447 (9)2452 (10)2457 (11)2462 (12)2467 (13)2472
id_str="dhcp_server"
}
# wpa_supplicant -B -c/tmp/wpa_supplicant-wlan0.conf -iwlan0 -Dnl80211 -P /tmp/wpa_supplicant-wlan0.pid -f /tmp/wpa_supplicant-wlan0.log
EOF
cat << EOF | tee /etc/wpa_supplicant/wpa_supplicant-wlan0.conf > /dev/null
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
#country=PA # US
#eapol_version=1
fast_reauth=1
ap_scan=1
autoscan=periodic:30
network={
ssid="to_RPi0W"
#bssid=FF:0F:0F:0F:0F:0F
scan_ssid=1
proto=WPA
#key_mgmt=NONE
key_mgmt=WPA-PSK
psk="p455W0rd"
#scan_freq=2412 2437 2462
# (1)2412 (2)2417 (3)2422 (4)2427 (5)2432 (6)2437
# (7)2442 (8)2447 (9)2452 (10)2457 (11)2462 (12)2467 (13)2472
id_str="dhcp_client"
priority=90
}
#network={
#key_mgmt=NONE
#priority=-999
#}
#wpa_cli scan && wpa_cli scan_results
#iw dev wlan0 scan | grep SSID
#wpa_passphrase SSID >> SSID_wpa_supplicant.cfg
# reading passphrase from stdin
# wpa_supplicant -B -c/tmp/wpa_supplicant-wlan1.conf -iwlan1 -Dnl80211 -P /tmp/wpa_supplicant-wlan1.pid -f /tmp/wpa_supplicant-wlan1.log
EOF
cat << EOF | tee /etc/sysctl.d/wlan_ap.conf > /dev/null
net.ipv4.ip_forward=1
EOF
iptables --flush
iptables -t nat --flush
iptables --table nat --append POSTROUTING --out-interface wlan1 -j MASQUERADE
iptables --append FORWARD --in-interface wlan1 --out-interface wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables --append FORWARD --in-interface wlan0 --out-interface wlan1 -j ACCEPT
iptables --append FORWARD --in-interface wlan0 -j ACCEPT
#iptables -t nat -A PREROUTING -i wlan0 -p udp -m udp --dport 53 -j DNAT --to-destination 10.0.0.1:53
#iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80
#iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80
#iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.0.1:80
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables-save > /etc/iptables/rules.v4
systemctl enable dnsmasq
systemctl enable wpa_supplicant@wlan0
systemctl enable wpa_supplicant@wlan1
systemctl disable wpa_supplicant
#reboot
systemctl restart dnsmasq
systemctl stop wpa_supplicant
systemctl start wpa_supplicant@wlan0
systemctl start wpa_supplicant@wlan1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment