No subject
bogus at does.not.exist.com
bogus at does.not.exist.com
Sun Jun 2 21:10:54 PDT 2013
ping -I eth0 192.168.1.5 --- ok
ping -I wlan0 192.168.1.5
PING 192.168.1.5 (192.168.1.5) from 10.0.0.1 wlan0: 56(84) bytes of dat=
a.
From 10.0.0.1 icmp_seq=3D1 Destination Host Unreachable
The question is why can not ping but can access web?
The second is that the phone can only see PC AP within 5 meters, but
if the PC is set up as ordinary wifi, it can connect to the router
which is 10 meters away. The question is it just the hardware device
limitation or it is tunable by set hostapd parameters ? What I am
experimenting is to see whether it is possible to do away with the
router altogether but it would definitely not viable if the access
distance is so much shorter than a normal router.
regards, kfl.
On Sat, Nov 16, 2013 at 10:43 PM, jan <jan at jabra-server.net> wrote:
>
> Hi,
>
> I've insert the wrong devices. Clearly, eth1 must be wlan0 ;)
> Before I used iptables-save/restore, i wrote a little script, which I
> execute with a cronjob every boot up.
>
> iptables --flush
> iptables --table nat --flush
> iptables --delete-chain
> iptables --table nat --delete-chain
> iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUER=
ADE
> iptables --append FORWARD --in-interface wlan0 -j ACCEPT
>
> This worked for me flawlessly.
> Router: 192.168.178.1
> Hostapd-AP: 192.168.178.22 (eth0)
> 10.0.0.1 (wlan0)
> Android-Cellphone: 10.0.0.10
>
> Whats with your DHCP config, did you set the default-gateway?
> (I'm using isc-dhcp-server)
>
> ddns-update-style none;
> ignore client-updates;
> authoritative;
> default-lease-time 172800;
> max-lease-time 182800;
>
> #$ TELEFONMAST
> subnet 10.0.0.0 netmask 255.255.255.0 {
> option routers 10.0.0.1;
> option subnet-mask 255.255.255.0;
> option broadcast-address 10.0.0.255;
> option domain-name-servers 8.8.8.8, 8.8.4.4;
> option time-offset 0;
> range 10.0.0.10 10.0.0.110;
> interface wlan0;
>
> }
>
>
>
> Jan
>
>
> Am 16.11.2013 04:42, schrieb Kf Lee:
>
>> Hi, Jan,
>>
>> Thanks for the advice. I follow your example and put a script as follo=
w:
>> #
>> sysctl -w net.ipv4.ip_forward=3D1
>> iptables -Z
>> iptables -F
>> iptables -A FORWARD -o eth0 -i wlan0 -s 10.0.0.0/24 -m conntrack
>> --ctstate NEW -j ACCEPT
>> iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCE=
PT
>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>
>> Then I ping using (router address is set to: 192.168.1.5) :
>>
>> ping -c 3 -I eth0 192.168.1.5 and it echo back ok;
>> ping -c 3 -I wlan0 192.168.1.5 and it does not respond.
>> So I guess the iptables forwarding mechanism is still not working.
>>
>> I use phone to connect to the TESTAP and the connection dhcp of IP
>> address ok.
>> I can ping the PC from the Phone, so I guess hostapd is working
>> properly,
>> but I also can not ping 192.168.1.5 router.
>>
>> The iptables-save shows:
>> # Generated by iptables-save v1.4.12 on Sat Nov 16 10:45:10 2013
>> *nat
>> :PREROUTING ACCEPT [17:5234]
>> :INPUT ACCEPT [4:857]
>> :OUTPUT ACCEPT [3:252]
>> :POSTROUTING ACCEPT [2:168]
>> -A POSTROUTING -o eth0 -j MASQUERADE
>> COMMIT
>>
>> # Completed on Sat Nov 16 10:45:10 2013
>> # Generated by iptables-save v1.4.12 on Sat Nov 16 10:45:10 2013
>> *filter
>> :INPUT ACCEPT [17:2185]
>> :FORWARD ACCEPT [0:0]
>> :OUTPUT ACCEPT [15:1344]
>> -A FORWARD -i wlan0 -o eth0 -m conntrack --ctstate NEW -j ACCEPT
>> -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
>> COMMIT
>> # Completed on Sat Nov 16 10:45:10 2013
>>
>> I have try many different way of scripting with -d 192.168.1.0 or
>> remove -s alltogether as well as replace conntrack by state as some
>> said in the web but all to no result.
>>
>> I noted the above FORWARD ACCEPT is [0:0] so possibly it is the
>> problem. Can you please take a look of the script to see what could
>> be wrong?
>>
>> I also noted that in your example, you use eth1 instead of wlan0,
>> could there some other setup needed?
>>
>> One other possibility is: do I need to use 'route' command to setup
>> something?
>>
>> Thanks, kfl.
>>
>>
>> On Sat, Nov 16, 2013 at 1:51 AM, jan <jan at jabra-server.net> wrote:
>>>
>>> root at server:~# cat /etc/iptables.rules
>>> # Generated by iptables-save v1.4.12 on Mon Oct 21 14:20:11 2013
>>> *filter
>>> :INPUT ACCEPT [139186815:198760302176]
>>> :FORWARD ACCEPT [164720:119001188]
>>> :OUTPUT ACCEPT [71521197:51782117907]
>>> -A FORWARD -i wlan0 -j ACCEPT
>>> COMMIT
>>> # Completed on Mon Oct 21 14:20:11 2013
>>> # Generated by iptables-save v1.4.12 on Mon Oct 21 14:20:11 2013
>>> *nat
>>> :PREROUTING ACCEPT [20829:1924943]
>>> :INPUT ACCEPT [15083:1550208]
>>> :OUTPUT ACCEPT [377940:23333519]
>>> :POSTROUTING ACCEPT [334113:20054009]
>>> -A POSTROUTING -o eth0 -j MASQUERADE
>>> COMMIT
>>> # Completed on Mon Oct 21 14:20:11 2013
>>>
>>>
>>> This is working config for me. Just save it an restore it with
>>> iptables-restore.
>>> Or you can try the solution from the ubuntuusers.de wiki:
>>>
>>> sysctl -w net.ipv4.ip_forward=3D1 #Activate the ipv4 forwarding
>>> iptables -A FORWARD -o eth0 -i eth1 -s 10.0.0.0/24 -m conntrack --ctsta=
te
>>> NEW -j ACCEPT
>>> iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEP=
T
>>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>>>
>>> To activate ipv4 forwarding permantly you need to edit your
>>> /etc/sysctl.conf.
>>> /etc/sysctl.conf:
>>> net.ipv4.ip_forward =3D 1
>>>
>>>
>>> Jan
>>>
>>> Am 15.11.2013 18:21, schrieb Kf Lee:
>>>
>>> HI,
>>>
>>> I just managed to install hostapd + dhcpd and configure wlan0 to act a=
s
>>> ap
>>> in 10.0.0.1
>>> with android user is able to connect the ap with an assigned ip
>>> 10.0.0.65.
>>> The pc (Linuxmint 15) that Is cable wired to the router is in
>>> 192.1.168.111
>>> and the router ip set to 192.168.1.1
>>>
>>> I thought tthat the Android user should be able to connect to internet
>>> via
>>> pc using iptables to forward the package but it can't. First question=
:
>>> is
>>> this right thinking ? If it in the rght track, can anyone provide a
>>> working example ?
>>>
>>> I search through a lot write up in the web and none actually work which
>>> surprised me. This seem a quite typical use of hostapd.
>>>
>>> I also try use bridge but the brctl command say that bridge does not
>>> support
>>> wlan0 . From reading it become clear bridge is for bridging wired
>>> network
>>> segments.
>>>
>>> Any help is appreciated .
>>> Rgds , kfl.
>>>
>>>
>>>
>>> _______________________________________________
>>> HostAP mailing list
>>> HostAP at lists.shmoo.com
>>> http://lists.shmoo.com/mailman/listinfo/hostap
>>>
>>>
>>>
>>> _______________________________________________
>>> HostAP mailing list
>>> HostAP at lists.shmoo.com
>>> http://lists.shmoo.com/mailman/listinfo/hostap
>>>
>>
>>
>
--=20
---------------------------------------------------------------------------=
--------------------------------
IT&C (HK) Ltd. www.itnc.com Tel:+852 6913 0049
PENIT (China) Ltd. www.penit.com : Tel: +86 755 26811370
E-Mail: kflee2000 at gmail.COM
KFLee at ITNC.COM
SKYPE: kflee2000 QQ=EF=BC=9A129929-6015
19A, Seascape Plaza, 18 Taizi Road, Shekou, Shenzhen, PROC.
**** ACW: Alternative Class of Webspace =E5=8F=A6=E7=B1=BB=E7=BD=91=E8=B7=
=AF=E7=A9=BA=E9=97=B4 *****
www.itnc.com - Hong Kong Based HQ
www.penit.com - Logistic Software Developer
www.jpfree.com - ACW for Japan
www.twfree.com - ACW for Taiwan
www.cnfree.com - ACW for China
www.asiafree.net - Free Business Card Site
---------------------------------------------------------------------------=
------------------
More information about the Hostap
mailing list