#!/bin/bash
# Variables
HOSTAPD_CONF="/etc/hostapd/hostapd.conf"
DNSMASQ_CONF="/etc/dnsmasq.conf"
HOTSPOT_IP="192.168.20.1"
DHCP_RANGE_START="192.168.20.10"
DHCP_RANGE_END="192.168.20.50"
# Function to check if running as root
check_root() {
if [ "$(id -u)" -ne 0 ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
}
# Function to select interface and other settings
select_settings() {
echo "Available network interfaces:"
ip link show | awk -F: '$0 !~ "lo|^[^0-9]"{print $2}' | sed 's/ //g'
echo ""
read -p "Enter the interface for Access Point (e.g., wlan0): " INTERFACE
read -p "Enter the interface for Internet (e.g., eth0): " INTERFACE_NET
read -p "Enter the SSID for your hotspot: " SSID
read -p "Enter the capture duration in seconds: " DURATION
}
# Function to setup hostapd config
setup_hostapd() {
cat <<EOF > $HOSTAPD_CONF
interface=$INTERFACE
driver=nl80211
ssid=$SSID
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
EOF
}
# Function to setup dnsmasq config
setup_dnsmasq() {
cat <<EOF > $DNSMASQ_CONF
interface=$INTERFACE
dhcp-range=$DHCP_RANGE_START,$DHCP_RANGE_END,12h
EOF
}
# Function to setup network interface
setup_network_interface() {
if ip link show "$INTERFACE" > /dev/null 2>&1; then
ip link set "$INTERFACE" up
ip addr add "$HOTSPOT_IP"/24 dev "$INTERFACE"
else
echo "Interface $INTERFACE not found"
exit 1
fi
}
# Function to enable IP forwarding and setup iptables
setup_iptables() {
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o "$INTERFACE_NET" -j MASQUERADE
iptables -A FORWARD -i "$INTERFACE_NET" -o "$INTERFACE" -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i "$INTERFACE" -o "$INTERFACE_NET" -j ACCEPT
}
# Function to cleanup iptables rules
cleanup_iptables() {
iptables -t nat -D POSTROUTING -o "$INTERFACE_NET" -j MASQUERADE
iptables -D FORWARD -i "$INTERFACE_NET" -o "$INTERFACE" -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -D FORWARD -i "$INTERFACE" -o "$INTERFACE_NET" -j ACCEPT
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
}
# Function to cleanup running services
cleanup_services() {
killall dnsmasq hostapd || true
if ip addr show "$INTERFACE" | grep -q "$HOTSPOT_IP"; then
ip addr del "$HOTSPOT_IP"/24 dev "$INTERFACE" || true
fi
}
# Function to capture traffic
capture_traffic() {
tshark -i "$INTERFACE" -a duration:"$DURATION" -w /tmp/Hotspot.pcapng
if [ -f /tmp/Hotspot.pcapng ]; then
FILENAME="$USER_HOME/$(date +'%Y%m%d-%H%M-%S').pcapng"
mv /tmp/Hotspot.pcapng "$FILENAME"
chown "$SUDO_USER":"$SUDO_USER" "$FILENAME"
chmod 644 "$FILENAME" # Change file permissions to be readable by the user
echo "Capture file saved to $FILENAME"
else
echo "Capture file not found. There might be an error with tshark."
fi
}
# Main script execution
main() {
check_root
# Get the home directory of the user running the script
USER_HOME=$(getent passwd "$SUDO_USER" | cut -d: -f6)
select_settings
cleanup_services
setup_hostapd
setup_dnsmasq
setup_network_interface
setup_iptables
# Start hostapd and dnsmasq
hostapd "$HOSTAPD_CONF" &
HOSTAPD_PID=$!
dnsmasq -C "$DNSMASQ_CONF" &
DNSMASQ_PID=$!
# Wait for services to start
sleep 10
capture_traffic
# Cleanup
if ps -p "$HOSTAPD_PID" > /dev/null; then
kill "$HOSTAPD_PID"
fi
if ps -p "$DNSMASQ_PID" > /dev/null; then
kill "$DNSMASQ_PID"
fi
cleanup_iptables
echo "Hotspot and traffic capture complete."
}
main "$@"Untuk menjalankan proses setup interface secara manual
- Aktifkan interface (set up): Pastikan interface dalam keadaan aktif.
- Tambahkan alamat IP ke interface: Menambahkan alamat IP yang akan digunakan oleh access point.
- Aktifkan IP forwarding: Agar bisa melakukan NAT (Network Address Translation).
- Konfigurasi iptables untuk NAT: Setup aturan iptables untuk meneruskan paket dari interface jaringan ke interface access point.
- Konfigurasi hostapd dan dnsmasq: Setup access point dan DHCP server.
- Jalankan hostapd dan dnsmasq: Mulai layanan untuk access point dan DHCP server.
- Capture trafik jaringan: Menggunakan tshark atau alat lain untuk menangkap paket jaringan.
Berikut adalah langkah-langkah manual yang lebih rinci:
-
Aktifkan interface (set up)
sudo ip link set wlan1 up -
Tambahkan alamat IP ke interface
sudo ip addr add 192.168.20.1/24 dev wlan1
-
Aktifkan IP forwarding
sudo sysctl -w net.ipv4.ip_forward=1
-
Konfigurasi iptables untuk NAT
sudo iptables -t nat -A POSTROUTING -o wlp2s0 -j MASQUERADE sudo iptables -A FORWARD -i wlp2s0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -A FORWARD -i wlan1 -o wlp2s0 -j ACCEPT
-
Konfigurasi hostapd Buat atau edit file konfigurasi
/etc/hostapd/hostapd.conf:sudo nano /etc/hostapd/hostapd.conf
Isi file dengan konfigurasi berikut:
interface=wlan1 driver=nl80211 ssid=MyHotspot hw_mode=g channel=6 macaddr_acl=0 auth_algs=1 ignore_broadcast_ssid=0
-
Konfigurasi dnsmasq Buat atau edit file konfigurasi
/etc/dnsmasq.conf:sudo nano /etc/dnsmasq.conf
Isi file dengan konfigurasi berikut:
interface=wlan1 dhcp-range=192.168.20.10,192.168.20.50,12h
-
Jalankan hostapd dan dnsmasq Jalankan hostapd dan dnsmasq:
sudo hostapd /etc/hostapd/hostapd.conf sudo dnsmasq -C /etc/dnsmasq.conf
-
Capture traffic jaringan Gunakan tshark untuk menangkap paket jaringan di interface
wlan1:sudo tshark -i wlan1 -a duration:60 -w capture.pcap
Untuk menghentikan access point dan membersihkan konfigurasi iptables:
-
Hentikan hostapd dan dnsmasq
sudo pkill hostapd sudo pkill dnsmasq
-
Matikan interface
sudo ip link set wlan1 down -
Bersihkan aturan iptables
sudo iptables -t nat -D POSTROUTING -o wlp2s0 -j MASQUERADE sudo iptables -D FORWARD -i wlp2s0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -D FORWARD -i wlan1 -o wlp2s0 -j ACCEPT
-
Reset konfigurasi iptables (opsional)
sudo iptables -F sudo iptables -t nat -F sudo iptables -t mangle -F sudo iptables -X sudo iptables -t nat -X sudo iptables -t mangle -X
Dengan langkah-langkah ini, kamu bisa setup access point dan capture traffic secara manual.