Centos7 – Create WiFi Access Point

CentOS7 에 USB Type 의 Wireless Ethernet Adapter를 사용하여, AP를 만들어 볼려고 합니다. CentOS7 이 설치되어 있는 작은 PC 와 USB Wireless NIC만 있으면 간단하게 만들 수 있습니다

사전 구성, 아래와 같이 eno1 이 internet 에 연결되어 있는 라인이며,  wlp0s26u1u3 이 내부 IP로 보면 됩니다. 여기서 주의할 점은, NetworkManager가 비활성화 되어 있어야 하며, NM_CONTROLLED가 No로 되어있어야 합니다.

# ifconfig
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet xxx.xxx.xxx.5  netmask 255.255.255.0  broadcast 192.168.79.255
        inet6 fe80::a62:66ff:fe33:e930  prefixlen 64  scopeid 0x20
        ether 08:62:66:33:e9:30  txqueuelen 1000  (Ethernet)
        RX packets 20879680  bytes 19284054296 (17.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 23917293  bytes 29325471975 (27.3 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xf7c00000-f7c20000  

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1  (Local Loopback)
        RX packets 20  bytes 1604 (1.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1604 (1.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp0s26u1u3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet yyy.yyy.yyy.1  netmask 255.0.0.0  broadcast 10.255.255.255
        inet6 fe80::66e5:99ff:fefb:782e  prefixlen 64  scopeid 0x20
        ether 64:e5:99:fb:78:2e  txqueuelen 1000  (Ethernet)
        RX packets 1533756  bytes 107787902 (102.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2162101  bytes 3268888586 (3.0 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
# cat /etc/sysconfig/network-scripts/ifcfg-wlp0s26u1u3 
TYPE="Wireless"
MODE="AP"
BOOTPROTO="static"
NAME="wlp0s26u1u3"
DEVICE="wlp0s26u1u3"
ONBOOT="yes"
IPADDR="yyy.yyy.yyy.1"
NETMASK="255.0.0.0"
NM_CONTROLLED="no"

패키지 설치 및 구성 파일

# yum install hostapd iw
# cat /etc/hostapd/hostapd.conf 
#
# This will give you a minimal, insecure wireless network.
# 
# DO NOT BE SATISFIED WITH THAT!!!
#
# A complete, well commented example configuration file is
# available here:
#
#	/usr/share/doc/hostapd/hostapd.conf
#
# For more information, look here:
#
#	http://wireless.kernel.org/en/users/Documentation/hostapd
#

ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel

# Some usable default settings...
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0

# Uncomment these for base WPA & WPA2 support with a pre-shared key
#wpa=3
#wpa_key_mgmt=WPA-PSK
#wpa_pairwise=TKIP
#rsn_pairwise=CCMP

# DO NOT FORGET TO SET A WPA PASSPHRASE!!
#wpa_passphrase=YourPassPhrase

# Most modern wireless drivers in the kernel need driver=nl80211
driver=nl80211

# Customize these for your local configuration...
interface=wlp0s26u1u3
hw_mode=g
channel=7
ssid=[이름수정]

# 802.11n
wme_enabled=0
wmm_enabled=0
ieee80211n=1
ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40]

# Others
ap_isolate=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
#rsn_pairwise=CCMP
wpa_passphrase=[공유기비번수정]
wpa_group_rekey=1800

# Only root can configure hostapd
ctrl_interface_group=0

DHCP 데몬 구성

# yum install dhcp

# cat /etc/dhcp/dhcpd.conf 
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#

default-lease-time 600;
max-lease-time 7200;
INTERFACES="wlp0s26u1u3";
option domain-name "";
max-lease-time 7200;
log-facility local7;

subnet yyy.yyy.yyy.0 netmask 255.0.0.0 {
    range yyy.yyy.yyy.2 yyy.yyy.yyy.20;
    option routers [yyy.yyy.yyy.1];
    option domain-name-servers [DNS Server IP];
}

IP_Forward 설정

# cat /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

net.ipv4.ip_forward = 1

방화벽 설정

# firewall-cmd --zone=public --add-masquerade --permanent
# firewall-cmd --list-all --zone=public
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1 wlp0s26u1u3
  sources: 
  services: dhcpv6-client samba ssh
  ports: 
  protocols: 
  masquerade: yes
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

시스템 데몬 설정

# systemctl enable hostapd
# systemctl enable dhcpd

설정 완료 후에 시스템 리부팅 하면 멋진 access point 가 만들어 집니다. 이제 스마트폰에서 AP검색하면 보일것이고, 미리 설정해둔 password를 사용하여 internet 에 접근이 될것입니다.

Reference Site

  • https://ev1z.be/2016/11/27/isolation-access-point-with-centos-7/
  • https://qiita.com/Mokkeee/items/b8a4a092c6d1bada2beb
  • https://unix.stackexchange.com/questions/56058/connection-with-hostapd-stops-working-after-10-minutes
  • https://www.lesstif.com/pages/viewpage.action?pageId=22053128

답글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다.