How can I use my card as an access point?
NOTE: because a station VAP is created by default, wlanconfig will fail to create an AP VAP (for MadWifi releases >1407) unless the parameter 'autocreate=none' is passed when loading the ath_pci module. See UserDocs/autocreate for details.
To create an interface (called ath0) as an access point, issue the command:
wlanconfig ath0 create wlandev wifi0 wlanmode ap
This will allow clients to see your network and associate with it. To do anything useful beyond having network access to just the machine with the wireless NIC, you will need to set up some sort of routing, most likely install a DHCP server on the router, etc.
If you want the box to behave like a commercial AP, bridging the wireless and wired networks:
Under Debian (or Ubuntu, etc.), this can be accomplished almost entirely within /etc/network/interfaces, which gives Debian systems a standardized way to setup network interfaces. Ensure that bridging is available in the kernel (either modules or builtin), then use something like the following in your /etc/network/interfaces:
# Bring up ath0 with the correct wifi settings # "manual" causes it to bring up the interface without TCP/IP (which will be setup on the bridge interface br0) auto ath0 iface ath0 inet manual # ensure ath0 is down (never fails because of "true") pre-up wlanconfig ath0 destroy || true # set up the ath0 device in AP mode before bringing up the interface (unless you're using AutoCreate) pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap # remove the ath0 device when bringing the interface down post-down wlanconfig ath0 destroy # set master mode, channel, and the essid wireless-mode master wireless-channel 11 wireless-essid YourESSID # IF you use WEP, put the key here: #wireless-key 1234-1234-1234-1234 # Bring up the bridge device, br0 # Using DHCP to assign an IP, etc. may work as well, # but this illustrates setting up a static IP for the interface. # The IP will be accessible from both the wired and wireless sides of the network. auto br0 iface br0 inet static # Assign your IP address, subnet and mask, broadcast address, and default gateway address 192.168.0.[x] network 192.168.0.0 netmask 255.255.255.0 broadcast 192.168.0.255 gateway 192.168.0.1 # Bridge eth0 and ath0 with br0. bridge_ports eth0 ath0 # You do *not* need a separate entry for eth0 in this file, because you are not configuring it # or bringing it up as a separate interface at all. Mentioning it in the bridge_ports directive # is enough.
I am successfully using this setup to bridge my wired and wireless networks, along with hostapd for WPA authentication.
Without bridging: Here's another method where you just add the info to /etc/networks/interfaces. I'm using this on ubuntu. I haven't figured out where to stick the 802.1g switch, but this gets the access point up, and brings it up at boot time:
iface ath0 inet static address 10.42.2.1 netmask 255.255.255.0 broadcast 10.42.2.255 wireless-essid your_essid wireless-mode master wireless-key 1223-1234-1234-1234 # well, not really, use yours.
My configuration with ubuntu 8.04. What I have, a modem/router managing internet, with my PC connected to it, and with that PC with a PCI atheros card installed and configured as an AP, where I can connect from my PC-WIFI, navigating without problems.
Note: Some times (too many), ubuntu hangs when ath0 is up, just at the start. Be careful with configuring an automatic IFUP because if linux hangs you will need to edit this file through a live-CD.
The keys, when the AP and the PC interfaces (eth0 and ath0) share the same netmask (this is what I believe), you do not need to bridge the interfaces.
What I need, the etc/network/interfaces file
auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.1.8 netmask 255.255.255.0 gateway 192.168.1.1 auto ath0 iface ath0 inet static pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap post-down wlanconfig ath0 destroy wireless-mode master wireless-essid "DEXTER" wireless-channel 1 address 10.0.0.1 netmask 255.255.255.0
With this, the PC-WIFI can connect to the DEXTER network. Now you need to allow the modem/router to manage the ath0 connections, which will be obtained through IPTABLES.
My iptables script, just to allow the navigation (you have to build your firewall rules)
# activate ip forwading /bin/echo "1" > /proc/sys/net/ipv4/ip_forward # Flush any rules iptables --table filter --flush FORWARD iptables --table filter --flush INPUT iptables --table filter --flush OUTPUT # Drop default policies iptables --table filter --policy INPUT ACCEPT iptables --table filter --policy OUTPUT ACCEPT iptables --table filter --policy FORWARD ACCEPT # Free loopback connexions iptables --table filter --append INPUT --in-interface lo --jump ACCEPT iptables --table filter --append OUTPUT --out-interface lo --jump ACCEPT # -------------------------# # ROUTING # -------------------------# iptables --table nat \ --append POSTROUTING \ --out-interface eth0 \ --source 10.0.0.0/255.255.255.0 \ --jump SNAT \ --to-source 192.168.1.8
And that's all. This works, but should be used just as a first step in the building of a WIFI secure spot. As a last note, the PC-WIFI should have an IP like 10.0.0.8 pointing to the 10.0.0.1 as the gateway, with the same 255.255.255.0 netmask, and the DNS properly introduced as well.