I "brought up" a software access point on a desktop computer:
dhcpd.conf:
ddns-update-style none;
option domain-name bsm_TestHostapd;
option domain-name-servers 192.168.0.6 ;
# Set up a network of 16 addresses
subnet 192.168.249.0 netmask 255.255.255.240 {
option routers 192.168.249.1;
range 192.168.249.2 192.168.249.14;
option broadcast-address 192.168.249.15;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
}
hostapd.conf:
interface=wlp2s5
driver=nl80211
ssid=bsm_TestHostapd
hw_mode=g
channel=7
macaddr_acl=0
auth_algs=1
max_num_sta=5
wpa=3
wpa_passphrase=OpenOnePaly4
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
ignore_broadcast_ssid=0
logger_syslog=-1
logger_syslog_level=3
logger_stdout=-1
logger_stdout_level=2
firewall:
iptables -t nat -A POSTROUTING -o wlp2s5 -j SNAT --to-source 192.168.249.1
iptables -A FORWARD -i wlp2s5 -o enp2s4 -j ACCEPT
iptables -A FORWARD -i enp2s4 -o wlp2s5 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
Information from the computer on which the software access point is set up:
ifconfig..
wlp2s5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.249.1 netmask 255.255.255.0 broadcast 192.168.249.255
inet6 fe80::12fe:edff:fe5e:9280 prefixlen 64 scopeid 0x20<link>
ether 10:fe:ed:5e:92:80 txqueuelen 1000 (Ethernet)
RX packets 108 bytes 13202 (12.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 145 bytes 18800 (18.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
iwconfig..
wlp2s5 IEEE 802.11bgn Mode:Master Tx-Power=19 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Power Management:off
route..
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default vavan-archlinux 0.0.0.0 UG 0 0 0 enp2s4
192.168.0.0 * 255.255.255.0 U 0 0 0 enp2s4
192.168.0.0 * 255.255.255.0 U 203 0 0 enp2s7
192.168.249.0 * 255.255.255.240 U 0 0 0 wlp2s5
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A FORWARD -i wlp2s5 -o enp2s4 -j ACCEPT
-A FORWARD -i enp2s4 -o wlp2s5 -j ACCEPT
-A POSTROUTING -o wlp2s5 -j SNAT --to-source 192.168.249.1
Table filter..
Chain INPUT (policy ACCEPT 7553 packets, 1785K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- wlp2s5 enp2s4 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- enp2s4 wlp2s5 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 6555 packets, 682K bytes)
pkts bytes target prot opt in out source destination
Table nat..
Chain PREROUTING (policy ACCEPT 1856 packets, 185K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 925 packets, 116K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2990 packets, 313K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2986 packets, 312K bytes)
pkts bytes target prot opt in out source destination
4 336 SNAT all -- * wlp2s5 0.0.0.0/0 0.0.0.0/0 to:192.168.249.1
ping -c 3 192.168.0.2
PING 192.168.0.2 (192.168.0.2) 56(84) bytes of data.
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=2.95 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.168 ms
64 bytes from 192.168.0.2: icmp_seq=3 ttl=64 time=0.181 ms
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.168/1.100/2.951/1.308 ms
ping -c 3 192.168.0.2 -I wlp2s5
PING 192.168.0.2 (192.168.0.2) from 192.168.249.1 wlp2s5: 56(84) bytes of data.
From 192.168.249.1 icmp_seq=1 Destination Host Unreachable
From 192.168.249.1 icmp_seq=2 Destination Host Unreachable
From 192.168.249.1 icmp_seq=3 Destination Host Unreachable
--- 192.168.0.2 ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2008ms
pipe 3
ping -c 3 lib.ru
PING lib.ru (81.176.66.163) 56(84) bytes of data.
64 bytes from lib.ru (81.176.66.163): icmp_seq=1 ttl=54 time=53.0 ms
64 bytes from lib.ru (81.176.66.163): icmp_seq=2 ttl=54 time=53.0 ms
64 bytes from lib.ru (81.176.66.163): icmp_seq=3 ttl=54 time=57.5 ms
--- lib.ru ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 53.025/54.551/57.584/2.161 ms
ping -c 3 lib.ru -I wlp2s5
PING lib.ru (81.176.66.163) from 192.168.249.1 wlp2s5: 56(84) bytes of data.
From old-server (192.168.249.1) icmp_seq=1 Destination Host Unreachable
From old-server (192.168.249.1) icmp_seq=2 Destination Host Unreachable
From old-server (192.168.249.1) icmp_seq=3 Destination Host Unreachable
--- lib.ru ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 1999ms
pipe 3