Configuring Linux as a Wireless Router (Configure Wireless Card as AP on Separate Network)?

networking linux wireless-networking wireless-router

Solution 1:

This is actually much easier than you think, you just need to install and deploy hostapd and dnsmasq.

hostapd transforms your wifi interface into an access point. There is a pre-condition to this, that the wifi card supports AP mode: you test it as follows,

iw list | less
  .....
software interface modes (can always be added):
             * AP/VLAN
             * monitor

If AP appears where it is, then you are good to go. A typical hostapd configuration file, /etc/hostapd/hostapd.conf, looks like this:

interface=wlan0
driver=nl80211
beacon_int=100
hw_mode=g
ieee80211n=1
wme_enabled=1
country_code=US
ssid=MySSID
ieee80211d=1
channel=3
wpa=2
wpa_passphrase=MySuperSecretPassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
auth_algs=1
macaddr_acl=0
ignore_broadcast_ssid=0
#logger_syslog=-1
#logger_syslog_level=2
#logger_stdout=-1
#logger_stdout_level=2

This configuration file does not include the statement 

bridge=br0

because you indicated no desire to set up a wired component of the LAN, just the wireless one. The bridge is generally used so that the router appears at the same IP address to both wired and wireless clients, and to simplify routing.

The wifi needs an IP address, 

ip addr add 192.168.251.1/24 dev wlan0

and IPv4 forwarding to allow wifi clients to talk to the world. Lastly, you need to setup dnsmasq to setup DHCP and DNS services for your clients. A typical /etc/dnsmasq.conf configuration file looks like this, 

domain-needed
bogus-priv
dhcp-authoritative
no-dhcp-interface=eth0
interface=wlan0
server=/someremote.lan/192.168.1.1
local=/my.lan/
server=8.8.8.8
server=8.8.4.4
expand-hosts
domain=my.lan
dhcp-range=192.168.251.32,192.168.251.90,12h
dhcp-host=AA:BB:CC:DD:EE:FF,SomeName,192.168.251.129,12h
dhcp-host=00:11:22:33:44:55,hp-printer,192.168.251.210,12h
dhcp-option=119,my.lan,someremote.lan
dhcp-option=252,"\n"
dhcp-host=AA:11:BB:22:CC:33,ignore
cname=SomeOtherName.my.lan,elastix

where I kept some features which may or may not be of interest to you.

Enable both services via systemctl, make sure the wifi card has an address at boot time, enable MASQUERADING on the internet-connected interface,

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

and you are good to go.

Related

DVI, DisplayPort, dual Monitors
How to create virtual block devices from file? [duplicate]
how to disable tap-on-click (touchpad) on windows
Safe method of blocking whining noise from PSU exhaust?
Windows 7 driver search woefully slow
Setting proxy settings to “Auto Proxy Detection” using the command line in macOS
More than 1 minute to boot Windows 10, even with SSD
Windows: "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator."
tar command - how to extract one file to specific directory
Visual Studio 2017/2019 Installation finished with errors - Couldn't install Microsoft.VisualC.Redist.12
How can I automatically save screen shots by the press on the Prt Scr button?
FTP script won't transfer remote files to local computer