diff options
author | PÁLI Gábor János <pali.gabor@gmail.com> | 2022-05-28 12:44:37 +0200 |
---|---|---|
committer | PÁLI Gábor János <pali.gabor@gmail.com> | 2022-05-31 22:02:42 +0200 |
commit | 97c67abab07a57840f95d04fadbd13b3c0f5b328 (patch) | |
tree | cdd484a2af71b89ff7a75c5eb808e6e18f00801d /etc/wpa_supplicant/appliance | |
parent | a6085330a18c8a257d2e185aab016c483335f86a (diff) | |
download | freebsd-wifibox-alpine-97c67abab07a57840f95d04fadbd13b3c0f5b328.zip |
Incorporate `hostapd`.
The inclusion of `hostapd` [1] brings a lot of related changes
because the build process have to extended to take the challenge.
- Convert `wpa_passthru` to a more a generic services, called
`uds_passthru` to deal with the control socket forwarding.
It can also log the `socat` errors properly.
- Make the `Makefile` more parametric therefore the virtual disk
image can be customized better.
- Default configurations are now moved fully to the guest's side.
- Tweak the packages to be more flexible.
- Document everything.
[1] https://w1.fi/hostapd/
Diffstat (limited to 'etc/wpa_supplicant/appliance')
-rw-r--r-- | etc/wpa_supplicant/appliance/interfaces.conf.sample | 18 | ||||
-rw-r--r-- | etc/wpa_supplicant/appliance/iptables.sample | 23 | ||||
-rw-r--r-- | etc/wpa_supplicant/appliance/udhcpd.conf.sample | 18 | ||||
-rw-r--r-- | etc/wpa_supplicant/appliance/uds_passthru.conf.sample | 18 |
4 files changed, 77 insertions, 0 deletions
diff --git a/etc/wpa_supplicant/appliance/interfaces.conf.sample b/etc/wpa_supplicant/appliance/interfaces.conf.sample new file mode 100644 index 0000000..f1c2f2c --- /dev/null +++ b/etc/wpa_supplicant/appliance/interfaces.conf.sample @@ -0,0 +1,18 @@ +# This is an iface stanza for interfaces(5) with relatively sane +# defaults. Consult http://manpages.org/etc-network-interfaces/5 for +# more. +# +# The `eth0` networking interface represents the virtual Ethernet card +# of the guest, which would be the default gateway for the host. +# Change these values only if the 10.0.0.0/24 network is not suitable. + +iface eth0 inet static + address 10.0.0.1 + netmask 255.255.255.0 + +# The `wlan0` networking interface is associated with the wireless +# networking card as it is exposed by the driver. By this default +# configuration, the corresponding IP address is obtained through the +# use of DHCP. This should just work for most of the cases. + +iface wlan0 dhcp diff --git a/etc/wpa_supplicant/appliance/iptables.sample b/etc/wpa_supplicant/appliance/iptables.sample new file mode 100644 index 0000000..af60a63 --- /dev/null +++ b/etc/wpa_supplicant/appliance/iptables.sample @@ -0,0 +1,23 @@ +# This file contains exported IP Tables data that can be read by the +# iptables-restore(8) utility. It is not meant to be edited by hand +# but regenerated by the iptables-save(8) utility after the necessary +# changes were made via the respective iptables(8) commands. +# +# The IP Tables stored here implement a simplistic IP forwarding and +# NAT between the `eth0` (virtual Ethernet, facing towards the host) +# and `wlan0` (wireless networking) interfaces. + +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +[0:0] -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT +[0:0] -A FORWARD -i eth0 -o wlan0 -j ACCEPT +COMMIT +*nat +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +[0:0] -A POSTROUTING -o wlan0 -j MASQUERADE +COMMIT diff --git a/etc/wpa_supplicant/appliance/udhcpd.conf.sample b/etc/wpa_supplicant/appliance/udhcpd.conf.sample new file mode 100644 index 0000000..501149a --- /dev/null +++ b/etc/wpa_supplicant/appliance/udhcpd.conf.sample @@ -0,0 +1,18 @@ +# This is a configuration file for udhcpd(8) with relatively sane +# defaults. Consult https://udhcp.busybox.net/udhcpd.conf for more. +# +# The value of `interface` should match with the one defined in the +# interfaces.conf file: `interface` should be exactly the same, +# `router` should correspond to `address` and `subnet` is the +# `netmask`. According to these settings below, the IP addresses are +# handed out for the 10.0.0.0/24 network. Change these only if this +# is not suitable. + +start 10.0.0.2 +end 10.0.0.254 +max_leases 64 +interface eth0 +opt subnet 255.255.255.0 +opt router 10.0.0.1 +opt dns 8.8.8.8 8.8.4.4 +opt lease 864000 diff --git a/etc/wpa_supplicant/appliance/uds_passthru.conf.sample b/etc/wpa_supplicant/appliance/uds_passthru.conf.sample new file mode 100644 index 0000000..8d0b5ac --- /dev/null +++ b/etc/wpa_supplicant/appliance/uds_passthru.conf.sample @@ -0,0 +1,18 @@ +# This is a configuration file for the Unix Domain Socket (UDS) +# pass-through feature. + +# The `network` setting should specify the IP address of the guest, +# which should match how it was defined in the interfaces.conf file. +network=10.0.0.1:255.255.255.0 + +# The `sockets` setting should list all the sockets to be forwarded +# for the host on the given ports. The `path` will be created on the +# host as a UDS with the specific owner and permissions, independently +# of how it was set in wpa_supplicant.conf. When `p2p_disabled=1` is +# set for wpa_supplicant.conf, it might make sense to remove the +# corresponding forwarding. Keep this in sync with +# wpa_supplicant.conf in general. +_sockdir=/var/run/wpa_supplicant +_perms="user=root,group=0,mode=770" +sockets="path=${_sockdir}/wlan0,${_perms},port=1200 +path=${_sockdir}/p2p-dev-wlan0,${_perms},port=1201" |