Dec
16
2015
Build your own Access Point

UPDATED: 14 February 2016
Blog Post: 16 December 2015

I have started (for some time now, to be honest) to transfer my router’s function to my ODROID-c1

odroid-c1.jpg

that runs Archlinux arm so I have my favorite distribution on this beautiful development board.


# uname -a
Linux myodroid 3.10.80-13-ARCH #1 SMP PREEMPT Tue Sep 15 15:43:38 MDT 2015 armv7l GNU/Linux

for specs you can click here

The board has an Gigabit Ethernet port but no Wireless Card.

I had a spare USB Wireless Network card, so I’ve used it on one of the four USB slots of the board.


Bus 001 Device 003: ID 148f:3370 Ralink Technology, Corp. RT3370 Wireless Adapter

You need to verify that your wireless card, can support Access Point functionality.
To verify your card, type:


# iw list | grep AP

if you see something like that: #{ AP } then you probably are ok.

The most important thing is to find out what your card can do, mine:


        valid interface combinations:
                 * #{ AP } <= 8,
                   total <= 8, #channels <= 1

That means that I can configure up to 8 AP (Access Points), 8 different ssid but only on one channel !

 

Reading through the internet (mostly on archlinux wiki) I had, first, to create a Bridge with my Ethernet card and then hostapd will add my Wireless Card to the same bridge.

Although I use systemd for a while sometime, I wasnt able to create the bridge interface via systemd. I’ve tested my confs/files to a secondary linux machine and I know for a fact that my notes are correct. Somehow it seems that there is a problem with systemd on ODROID-c1 regarding this or perhaps I havent found the problem with my setup!

So I’ve created a shell script that runs after boot: net.sh


!/bin/sh

ip link add br0 type bridge
ip link set br0 up

ip link set eth0 up
ip link set eth0 master br0

ip addr add 10.10.10.10/24 dev br0
ip route add default via 10.10.10.1 dev br0

# Wireless Vlan (Guest Network)
ip address add 10.10.20.10/24 dev br0:0

# Enable Forwarding
sysctl -w net.ipv4.ip_forward=1

# Masquerade traffic
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE

# Accept forwarding
iptables -P FORWARD ACCEPT

# Start (or restart) hostapd
systemctl restart hostapd.service

# Isolate Vlan 10.10.20.0/24 (Guest Network) from 10.10.10.0/24 (Home Network)
iptables -I FORWARD -s 10.10.20.0/24 -d 10.10.10.0/24 -j DROP

a basic setup of hostapd is below. I’ve used TEST as the ssid and TESTTESTTEST as the password:

/etc/hostapd/hostapd.conf


interface=wlan0
bridge=br0
driver=nl80211
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
ssid=Testing
hw_mode=g
channel=1
ap_isolate=1
own_ip_addr=127.0.0.1
wpa=2
wpa_passphrase=TestingTesting
wpa_key_mgmt=WPA-PSK

On this ODROID-C1 board, I run my own DNS Cache/DHCP server with dnsmasq.

/etc/dnsmasq.conf


interface=br0
# custom host file to reduce ads
addn-hosts=/etc/hosts.txt

dhcp-range=10.10.20.16,10.10.20.32,12h
dhcp-option=option:router,10.10.20.10
dhcp-option=option:dns-server,10.10.20.10
dhcp-option=option:ntp-server,193.93.167.241
Tag(s): ODROID-C1