FreeBSD as a wireless hotspot?

[mrjayviper]

I am using the guide from the handbook. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-wireless.html (begins at chapter 32.3.5)
---------------------------
My setup:
1. PC (via em0 and gets an IP in the 192.168.1.x range) => modem/router => WWW

2. Atheros wireless card that has HOSTAP support (check using ifconfig wlan0 list caps)
---------------------------
I tried connecting from the iPad/HTC One X and it seems to work. I get prompted for the passphrase which I supplied correctly. I know it's correct because I get an error message if I supplied a wrong one. 1 thing I notice is that instead of getting an IP in 192.168.0.x range, my iPad gets something that starts with 169.

I've searched the net but the guides/articles I've seen seems for the older versions

Any suggestions?

Thanks
--------------------------------

# [color="Green"]ifconfig wlan0 create wlandev ath0 wlanmode hostap[/color]
# [color="green"]ifconfig wlan0 inet 192.168.0.1 netmask 255.255.255.0 ssid myhotspot mode 11g channel 1[/color]

These are the contents of /etc/hostap.conf

interface=wlan0
debug=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=myhotspot
wpa=1
wpa_passphrase=qwerty
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP TKIP

 

[mamalos]

Are you sure you're running an DHCP server that is responsible for providing IP's for connecting hosts on your wlan interface? If not, you can try net/isc-dhcp42-server.

 

[mrjayviper]

Thank you for that. Do I also need to setup some firewall rules?

 

[mamalos]

If you're running a firewall, then you need to set it up to allow UDP ports 68 and 67, if I remember correctly, but I don't remember directions and destination hosts, I'll have to see some of my configs...If you're running PF, then you can easily see which packets are stopped by running:

# tcpdump -neti pflog0


...if you log your dropped packets...

 

[mrjayviper]

I'm not running any sort of firewall at the moment. I'm just wondering how traffic will get redirected to the em0 interface with any firewall rules

 

[mrjayviper]

I added the following entries to:

/etc/rc.conf

gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
hostapd_enable="YES"
named_enable="YES"
natd_enable="YES"
natd_interface="em0"
natd_flags=""
ntpd_enable="YES"

/etc/resolv.conf

nameserver 192.168.1.1

ifconfig info

root@myhotspot:/etc/namedb # ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
        ether 00:1c:c0:4c:ea:38
        inet 192.168.1.13 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
ath0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
        ether f8:d1:11:71:5e:f3
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
        status: running
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0xb
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether f8:d1:11:71:5e:f3
        inet 192.168.13.1 netmask 0xffffff00 broadcast 192.168.13.255
        inet6 fe80::fad1:11ff:fe71:5ef3%wlan0 prefixlen 64 scopeid 0xc
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
        status: running
        ssid myhotspot channel 1 (2412 MHz 11g) bssid f8:d1:11:71:5e:f3
        regdomain 32924 country CN indoor ecm authmode WPA privacy MIXED
        deftxkey 3 TKIP 2:128-bit TKIP 3:128-bit txpower 20 scanvalid 60
        protmode CTS wme burst dtimperiod 1 -dfs
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

netstat info

root@myhotspot:/etc/namedb # netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.1        UGS         0   755723    em0
127.0.0.1          link#11            UH          0        8    lo0
192.168.1.0/24     link#1             U           0  4630985    em0
192.168.1.13       link#1             UHS         0       30    lo0
192.168.13.0/24    link#12            U           0        0  wlan0
192.168.13.1       link#12            UHS         0        0    lo0

My iPad has successfully connected to my FreeBSD hotspot and displaying the following info.

IP Address: 192.168.13.12
Subnet Mask: 255.255.255.0
Router: 192.168.13.1
DNS: 192.168.1.1

Sadly still no net. I tried connecting to my net provider's homepage using its URL and its IP and it's not working. :/

 

[kpa]

You have two possibilities:

1) Tell the modem/router how to reach the 192.168.13.0/24 network with a static route. The route should have network set to 192.168.13.0/24 or 192.168.13.0 netmask 255.255.255.0, gateway 192.168.1.13.

2) NAT all traffic from the WLAN network to the external address 192.168.1.13, this solution hides the 192.168.13.0/24 net from the network between the modem/router and the FreeBSD machine.

 

[mrjayviper]

You have two possibilities:

1) Tell the modem/router how to reach the 192.168.13.0/24 network with a static route. The route should have network set to 192.168.13.0/24 or 192.168.13.0 netmask 255.255.255.0, gateway 192.168.1.13.

just configured my modem/router (see attachment).

2) NAT all traffic from the WLAN network to the external address 192.168.1.13, this solution hides the 192.168.13.0/24 net from the network between the modem/router and the FreeBSD machine.

I thought this would be taken care of this entry from /etc/rc.conf?

natd_interface="em0"

-------------------

I tried 1st suggestion and still no net. :/

 

[mrjayviper]

I got it to work doing NAT using PF (which I've used like 6 years ago). I've removed the firewall/nat and named options in my rc.conf and have replaced those with pf_enable.

------------------

basically it's an open firewall (pass in/out quick all) but the magic that fixed it was

nat on $ext_if from !($ext_if) -> ($ext_if:0)

haven't touched PF since I decided to use a billion router many years ago.

Thanks for the help.

 

[mix_room]

I'm not sure if this is needed, but I think I had it in when I last built a FreeBSD wireless AP

In /etc/rc.conf

gateway_enable="YES"

"32.2.4 Building a Router" - http://www.freebsd.org/doc/handbook/network-routing.html

EDIT: Ooops. Just saw that you have already done this.