Configuring Linux as a Wireless Router (Configure Wireless Card as AP on Separate Network)?

Solution 1:

This is actually much easier than you think, you just need to install and deploy hostapd and dnsmasq.

hostapd transforms your wifi interface into an access point. There is a pre-condition to this, that the wifi card supports AP mode: you test it as follows,

iw list | less
  .....
software interface modes (can always be added):
             * AP/VLAN
             * monitor

If AP appears where it is, then you are good to go. A typical hostapd configuration file, /etc/hostapd/hostapd.conf, looks like this:

interface=wlan0
driver=nl80211
beacon_int=100
hw_mode=g
ieee80211n=1
wme_enabled=1
country_code=US
ssid=MySSID
ieee80211d=1
channel=3
wpa=2
wpa_passphrase=MySuperSecretPassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
auth_algs=1
macaddr_acl=0
ignore_broadcast_ssid=0
#logger_syslog=-1
#logger_syslog_level=2
#logger_stdout=-1
#logger_stdout_level=2

This configuration file does not include the statement

bridge=br0

because you indicated no desire to set up a wired component of the LAN, just the wireless one. The bridge is generally used so that the router appears at the same IP address to both wired and wireless clients, and to simplify routing.

The wifi needs an IP address,

ip addr add 192.168.251.1/24 dev wlan0 

and IPv4 forwarding to allow wifi clients to talk to the world. Lastly, you need to setup dnsmasq to setup DHCP and DNS services for your clients. A typical /etc/dnsmasq.conf configuration file looks like this,

domain-needed
bogus-priv
dhcp-authoritative
no-dhcp-interface=eth0
interface=wlan0
server=/someremote.lan/192.168.1.1
local=/my.lan/
server=8.8.8.8
server=8.8.4.4
expand-hosts
domain=my.lan
dhcp-range=192.168.251.32,192.168.251.90,12h
dhcp-host=AA:BB:CC:DD:EE:FF,SomeName,192.168.251.129,12h
dhcp-host=00:11:22:33:44:55,hp-printer,192.168.251.210,12h
dhcp-option=119,my.lan,someremote.lan
dhcp-option=252,"\n"
dhcp-host=AA:11:BB:22:CC:33,ignore
cname=SomeOtherName.my.lan,elastix

where I kept some features which may or may not be of interest to you.

Enable both services via systemctl, make sure the wifi card has an address at boot time, enable MASQUERADING on the internet-connected interface,

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

and you are good to go.