#+TITLE: RTL8188US AP in Archlinux #+DATE: 2016-03-06 #+SETUPFILE: ~/Dropbox/Documents/Code/sites/blog/octopress.org #+JEKYLL_LAYOUT: post #+JEKYLL_CATEGORIES: #+JEKYLL_TAGS: configuration #+JEKYLL_PUBLISHED: false

I wanted to set up an archlinux PC that is connected to network via ethernet, to serve wifi. There are a bunch of instructions online for doing just that, but unfortunately none of them worked for for me. The main issue was which drivers,hostapd,and hostapd config to use for the Realtek RTL8188 USB wifi dongle.

The required hardware:

  • x86 based laptop with an ethernet port, running linux (here archlinux will be used).
  • Realtek RTL8188 dongle, or another that supports running in AP mode. Specifically, AFAIK built in intel chips DO NOT support this mode. To test this, one needs to have the iw util installed, and iw list|grep AP should be non-empty. I get the following, for example:
% iw list|grep AP
                 * AP
                 * AP/VLAN
                 * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * AP/VLAN
                 Device supports AP scan.
                 * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
                 * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
                 * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0

So, the instructions:

  1. Enable the device
  2. hostapd
ssid=HPSETUP
interface=wlp0s29u1u2
channel=1
wpa=2
wpa_passphrase=zaq12wsx
driver=nl80211
#driver=rtl871xdrv
hw_mode=g
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_pairwise=TKIP
debug=2
macaddr_acl=0
auth_algs=3
ignore_broadcast_ssid=0
  1. packet forwarding
sudo tee /etc/sysctl.d/30-ipforward.conf << END
net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
END
sudo sysctl -p /etc/sysctl.d/30-ipforward.conf
  1. iptables
sudo bash - << END
iptables -t nat -A POSTROUTING -o internet0 -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i net0 -o internet0 -j ACCEPT
END
iptables-save|tee /etc/iptables/iptables.rules
sudo systemctl enable iptables
  1. dhcpd
## /etc/dhcpd.conf
subnet 192.168.XXX.0 netmask 255.255.255.0 {
range 192.168.XXX.10 192.168.XXX.50;
option broadcast-address 192.168.XX.255;
option routers 192.168.XXX.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "local";
option domain-name-servers "UPSTREAM1", "UPSTREAM2", "ETC";
}

References: