![\"\"](\"http:\/\/bitcows.com\/wp-content\/uploads\/2019\/06\/icon-570x285.png\"){kind=icon}
<\/p>\n<\/p>\n
First, update your system’s package list by entering the following command:<\/p>\n
sudo apt-get update<\/pre>\nNext, upgrade all your installed packages to their latest versions with the command:<\/p>\n
sudo apt-get dist-upgrade<\/pre>\nInstall all the required software in one go with this command:<\/p>\n
sudo apt install dnsmasq hostapd<\/pre>\nConfiguring a static IP<\/strong>
\nWe are configuring a standalone network to act as a server, so the Raspberry Pi needs to have a static IP address assigned to the wireless port. This documentation assumes that we are using the standard 192.168.x.x IP addresses for our wireless network, so we will assign the server the IP address 192.168.4.1. It is also assumed that the wireless device being used iswlan0<\/code>.<\/p>\nTo configure the static IP address, edit the dhcpcd configuration file with:<\/strong><\/p>\n
sudo nano \/etc\/dhcpcd.conf<\/pre>\nGo to the end of the file and edit it so that it looks like the following:<\/p>\n
interface wlan0\nstatic ip_address=192.168.4.1\/24\nnohook wpa_supplicant<\/pre>\nNow restart the
dhcpcd<\/code> daemon:<\/strong><\/p>\nsudo systemctl restart dhcpcd<\/pre>\nConfiguring the DHCP server (dnsmasq)<\/strong>
\nThe DHCP service is provided by dnsmasq. By default, the configuration file contains a lot of information that is not needed, and it is easier to start from scratch. Rename this configuration file, and edit a new one:<\/p>\nsudo mv \/etc\/dnsmasq.conf \/etc\/dnsmasq.conf.orig\nsudo nano \/etc\/dnsmasq.conf<\/pre>\nType or copy the following information into the dnsmasq configuration file and save it:<\/p>\n
interface=wlan0 # Use the require wireless interface - usually wlan0\ndhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h<\/pre>\nSo for
wlan0<\/code>, we are going to provide IP addresses between192.168.4.2<\/code> and192.168.4.20<\/code>, with a lease time of 24 hours. If you are providing DHCP services for other network devices (e.g. eth0), you could add more sections with the appropriate interface header, with the range of addresses you intend to provide to that interface.<\/p>\nReload dnsmasq to use the updated configuration:<\/strong><\/p>\n
sudo systemctl reload dnsmasq<\/pre>\nConfiguring the access point host software (hostapd)<\/strong>
\nYou need to edit the hostapd configuration file, located at\/etc\/hostapd\/hostapd.conf<\/code>, to add the various parameters for your wireless network. After initial install, this will be a new\/empty file.<\/p>\nsudo nano \/etc\/hostapd\/hostapd.conf<\/pre>\nAdd the information below to the configuration file. This configuration assumes we are using channel 7, with a network name of NameOfNetwork, and a password AardvarkBadgerHedgehog. Note that the name and password should not have quotes around them. The passphrase should be between 8 and 64 characters in length.<\/p>\n
To use the 5 GHz band, you can change the operations mode from
hw_mode=g<\/code> tohw_mode=a<\/code>. Possible values for hw_mode are:
\na = IEEE 802.11a (5 GHz)
\nb = IEEE 802.11b (2.4 GHz)
\ng = IEEE 802.11g (2.4 GHz)
\nad = IEEE 802.11ad (60 GHz)<\/code><\/p>\ninterface=wlan0\ndriver=nl80211\nssid=RaspiRouter\nhw_mode=g\nchannel=6\nwmm_enabled=0\nmacaddr_acl=0\nauth_algs=1\nignore_broadcast_ssid=0\nwpa=2\nwpa_passphrase=password123\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP\nrsn_pairwise=CCMP\n#speeds up the downloads\nwme_enabled=1\nieee80211n=1<\/pre>\nWe now need to tell the system where to find this configuration file.<\/p>\n
sudo nano \/etc\/default\/hostapd<\/pre>\nFind the line with
#DAEMON_CONF<\/code>, and replace it with this:<\/p>\nDAEMON_CONF=\"\/etc\/hostapd\/hostapd.conf\"<\/pre>\nStart it up
\nNow enable and start hostapd:<\/p>\nsudo systemctl unmask hostapd\nsudo systemctl enable hostapd\nsudo systemctl start hostapd<\/pre>\nAdd routing and masquerade
\nEdit\/etc\/sysctl.conf<\/code> and uncomment or add this line:<\/p>\nnet.ipv4.ip_forward=1<\/pre>\nAdd a masquerade for outbound traffic on eth0:<\/p>\n
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE<\/pre>\nSee issues below if this fails.<\/em><\/p>\n
Save the iptables rule.<\/p>\n
sudo sh -c \"iptables-save > \/etc\/iptables.ipv4.nat\"<\/pre>\nEdit
\/etc\/rc.local<\/code> and add this just aboveexit 0<\/code> to install these rules on boot.<\/p>\niptables-restore < \/etc\/iptables.ipv4.nat<\/pre>\nUsing a wireless device, search for networks. The network SSID you specified in the hostapd configuration should now be present, and it should be accessible with the specified password.<\/p>\n
If SSH is enabled on the Raspberry Pi access point, it should be possible to connect to it from another Linux box (or a system with SSH connectivity present) as follows, assuming the pi account is present:<\/p>\n
ssh pi@192.168.4.1<\/code>
\nBy this point, the Raspberry Pi is acting as an access point, and other devices can associate with it. Associated devices can access the Raspberry Pi access point via its IP address for operations such asrsync<\/code>,scp<\/code>, orssh<\/code>.<\/p>\nWhos connected?<\/h3>\n
To find out whos connected to your router install nmap <\/p>\n
sudo apt install nmap<\/pre>\nNOTE: you will need to be connected to the internet. Best way is to plug into ethernet.<\/p>\n
Once its in install you can then type this in and it will list out all connected devices.<\/p>\n
sudo nmap -sP -PI -PT 192.168.4.1\/24 > list.text<\/pre>\nExample:
\nStarting Nmap 7.40 ( https:\/\/nmap.org ) at 2019-06-19 08:56 MST
\nNmap scan report for ShadowBook-Pro (192.168.4.8)
\nHost is up (-0.090s latency).
\nMAC Address: F0:18:98:28:1C:1C (Unknown)
\nNmap scan report for kali (192.168.4.16)
\nHost is up (-0.15s latency).
\nMAC Address: 80:1F:02:F6:68:B6 (Edimax Technology)
\nNmap scan report for 192.168.4.1
\nHost is up.
\nNmap done: 256 IP addresses (3 hosts up) scanned in 15.18 seconds<\/code><\/p>\nfilter it down to IP’s only <\/p>\n
sudo nmap -sP -PI -PT 192.168.4.1\/24 | grep -i Nmap > list.text <\/pre>\nISSUES:<\/h3>\n
If you have issues with MASQUERADE you should run sudo
apt update<\/code> then sudoapt upgrade<\/code> to ensure your kernel has been replaced, thenreboot<\/code> and checkuname -r<\/code>; it should give a version with a corresponding\/lib\/modules\/<\/code> directory that does exist. The pi kernel can boot without any, however, so to check, trylsmod<\/code>; if there’s nothing, something is wrong. If there is, you can filter thatlsmod | grep -P \"ip|nf<\/code>” to see the ones that are related to iptables\/netfilter (and anything else that coincidentally contains those letter combinations).
\nThe base module is actuallyip_tables<\/code>, but it should be loaded automatically. The base module for NAT isnf_nat<\/code> but that should be loaded automatically as well.<\/p>\n","protected":false},"excerpt":{"rendered":"Prerequisites Raspberry Pi 3 B+ or Raspberry Pi Zero W Image Raspbian onto your SD card Set up your Pi with your configuration like Keyboard and wifi. Lets Update First, update your system’s package list by entering the following command: sudo apt-get update Next, upgrade all your installed packages to their latest versions with the…<\/p>\n