diff options
Diffstat (limited to 'etc')
| l--------- | etc/hostapd/app_config | 1 | ||||
| -rw-r--r-- | etc/hostapd/appliance/interfaces.conf.sample | 35 | ||||
| -rw-r--r-- | etc/hostapd/appliance/iptables.sample | 23 | ||||
| -rw-r--r-- | etc/hostapd/appliance/udhcpd.conf.sample | 19 | ||||
| -rw-r--r-- | etc/hostapd/appliance/uds_passthru.conf.sample | 14 | ||||
| -rw-r--r-- | etc/hostapd/hostapd/hostapd.conf.sample | 16 | ||||
| l--------- | etc/wpa_supplicant/app_config | 1 | ||||
| -rw-r--r-- | etc/wpa_supplicant/appliance/interfaces.conf.sample (renamed from etc/interfaces.conf.sample) | 0 | ||||
| -rw-r--r-- | etc/wpa_supplicant/appliance/iptables.sample (renamed from etc/iptables.sample) | 0 | ||||
| -rw-r--r-- | etc/wpa_supplicant/appliance/udhcpd.conf.sample (renamed from etc/udhcpd.conf.sample) | 0 | ||||
| -rw-r--r-- | etc/wpa_supplicant/appliance/uds_passthru.conf.sample | 18 | ||||
| -rw-r--r-- | etc/wpa_supplicant/wpa_supplicant/wpa_supplicant.conf.sample | 16 |
12 files changed, 143 insertions, 0 deletions
diff --git a/etc/hostapd/app_config b/etc/hostapd/app_config new file mode 120000 index 0000000..492e4fe --- /dev/null +++ b/etc/hostapd/app_config @@ -0,0 +1 @@ +hostapd
\ No newline at end of file diff --git a/etc/hostapd/appliance/interfaces.conf.sample b/etc/hostapd/appliance/interfaces.conf.sample new file mode 100644 index 0000000..d346368 --- /dev/null +++ b/etc/hostapd/appliance/interfaces.conf.sample @@ -0,0 +1,35 @@ +# This is an iface stanza for interfaces(5) with relatively sane +# defaults. Consult http://manpages.org/etc-network-interfaces/5 for +# more. +# +# The `eth0` networking interface represents the virtual Ethernet card +# of the guest, which is shared with the host. The `gateway` IP +# address should match with the address as it was configured on the +# host, and `address` is the guest's own address. In addition to +# this, it is recommended to setup a NAT between `wifibox0` and the +# interface that faces towards the Internet. This can be done with +# the help of pf(4) for example. Here is sample configuration, see +# pf.conf(5) for more information. +# +# wlan_if="wifibox0" +# lan_if="em0" +# virt_net="10.0.0.0/24" +# +# scrub all +# nat on $lan_if from $virt_net to any -> $lan_if +# pass log all +# +# Change these values as desired, they are here only for inspiration. + +iface eth0 inet static + gateway 10.0.0.1 + address 10.0.0.2/24 + +# The `wlan0` networking interface is associated with the wireless +# networking card as it is exposed by the driver. By this default +# configuration, the corresponding IP address is statically set to +# make it the gateway for the wireless network, see the contents of +# udhcp.conf for the rest. + +iface wlan0 inet static + address 192.168.0.1/24 diff --git a/etc/hostapd/appliance/iptables.sample b/etc/hostapd/appliance/iptables.sample new file mode 100644 index 0000000..b9e2044 --- /dev/null +++ b/etc/hostapd/appliance/iptables.sample @@ -0,0 +1,23 @@ +# This file contains exported IP Tables data that can be read by the +# iptables-restore(8) utility. It is not meant to be edited by hand +# but regenerated by the iptables-save(8) utility after the necessary +# changes were made via the respective iptables(8) commands. +# +# The IP Tables stored here implement a simplistic IP forwarding and +# NAT between `wlan0` (wireless networking) and `eth0` (virtual +# Ethernet, facing towards the host) interfaces. + +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +[0:0] -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT +[0:0] -A FORWARD -i wlan0 -o eth0 -j ACCEPT +COMMIT +*nat +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +[0:0] -A POSTROUTING -o eth0 -j MASQUERADE +COMMIT diff --git a/etc/hostapd/appliance/udhcpd.conf.sample b/etc/hostapd/appliance/udhcpd.conf.sample new file mode 100644 index 0000000..6411e6f --- /dev/null +++ b/etc/hostapd/appliance/udhcpd.conf.sample @@ -0,0 +1,19 @@ +# This is a configuration file for udhcpd(8) with some basic defaults. +# Consult https://udhcp.busybox.net/udhcpd.conf for more. +# +# The value of `interface` should match with the one defined in the +# interfaces.conf file: `interface` should be exactly the same, +# `router` should correspond to `address` and `subnet` is the +# `netmask`. According to these settings below, the IP addresses are +# handed out for the 192.168.0.0/24 network. +# +# Change these values as needed, they are here only for inspiration. + +start 192.168.0.2 +end 192.168.0.254 +max_leases 64 +interface wlan0 +opt subnet 255.255.255.0 +opt router 192.168.0.1 +opt dns 8.8.8.8 8.8.4.4 +opt lease 864000 diff --git a/etc/hostapd/appliance/uds_passthru.conf.sample b/etc/hostapd/appliance/uds_passthru.conf.sample new file mode 100644 index 0000000..ea5b942 --- /dev/null +++ b/etc/hostapd/appliance/uds_passthru.conf.sample @@ -0,0 +1,14 @@ +# This is a configuration file for the Unix Domain Socket (UDS) +# pass-through feature. + +# The `network` setting should specify the IP address of the guest, +# which should match how it was defined in the interfaces.conf file. +network=10.0.0.2:255.255.255.0 + +# The `sockets` setting should list all the sockets to be forwarded +# for the host on the given ports. The `path` will be created on the +# host as a UDS with the specific owner and permissions. Ideally, +# this does not have to be changed. +_sockdir=/var/run/hostapd +_perms="user=root,group=0,mode=770" +sockets="path=${_sockdir}/wlan0,${_perms},port=1200" diff --git a/etc/hostapd/hostapd/hostapd.conf.sample b/etc/hostapd/hostapd/hostapd.conf.sample new file mode 100644 index 0000000..a30dd3e --- /dev/null +++ b/etc/hostapd/hostapd/hostapd.conf.sample @@ -0,0 +1,16 @@ +# This is a placeholder file. On how to create one, consult +# /usr/share/examples/hostapd/hostapd.conf or import an existing one +# from the /etc directory. + +# Mind that the `ctrl_interface` parameter, when in use, has to be +# kept in sync with UDS pass-through definitions in uds_passthru.conf. +# The default values are aligned with these settings below. +# +#ctrl_interface=/var/run/hostapd +#ctrl_interface_group=0 +# +# The hostapd(8) configuration may refer to other files, for which +# examples can also be found in /usr/share/examples/hostapd. The +# files will be mounted under /etc/hostapd in the guest, hence they +# can be referenced under that path. For example, hostapd.wpa_psk +# will be available as /etc/hostapd/hostapd.wpa_psk. diff --git a/etc/wpa_supplicant/app_config b/etc/wpa_supplicant/app_config new file mode 120000 index 0000000..39e6aa9 --- /dev/null +++ b/etc/wpa_supplicant/app_config @@ -0,0 +1 @@ +wpa_supplicant
\ No newline at end of file diff --git a/etc/interfaces.conf.sample b/etc/wpa_supplicant/appliance/interfaces.conf.sample index f1c2f2c..f1c2f2c 100644 --- a/etc/interfaces.conf.sample +++ b/etc/wpa_supplicant/appliance/interfaces.conf.sample diff --git a/etc/iptables.sample b/etc/wpa_supplicant/appliance/iptables.sample index af60a63..af60a63 100644 --- a/etc/iptables.sample +++ b/etc/wpa_supplicant/appliance/iptables.sample diff --git a/etc/udhcpd.conf.sample b/etc/wpa_supplicant/appliance/udhcpd.conf.sample index 501149a..501149a 100644 --- a/etc/udhcpd.conf.sample +++ b/etc/wpa_supplicant/appliance/udhcpd.conf.sample diff --git a/etc/wpa_supplicant/appliance/uds_passthru.conf.sample b/etc/wpa_supplicant/appliance/uds_passthru.conf.sample new file mode 100644 index 0000000..8d0b5ac --- /dev/null +++ b/etc/wpa_supplicant/appliance/uds_passthru.conf.sample @@ -0,0 +1,18 @@ +# This is a configuration file for the Unix Domain Socket (UDS) +# pass-through feature. + +# The `network` setting should specify the IP address of the guest, +# which should match how it was defined in the interfaces.conf file. +network=10.0.0.1:255.255.255.0 + +# The `sockets` setting should list all the sockets to be forwarded +# for the host on the given ports. The `path` will be created on the +# host as a UDS with the specific owner and permissions, independently +# of how it was set in wpa_supplicant.conf. When `p2p_disabled=1` is +# set for wpa_supplicant.conf, it might make sense to remove the +# corresponding forwarding. Keep this in sync with +# wpa_supplicant.conf in general. +_sockdir=/var/run/wpa_supplicant +_perms="user=root,group=0,mode=770" +sockets="path=${_sockdir}/wlan0,${_perms},port=1200 +path=${_sockdir}/p2p-dev-wlan0,${_perms},port=1201" diff --git a/etc/wpa_supplicant/wpa_supplicant/wpa_supplicant.conf.sample b/etc/wpa_supplicant/wpa_supplicant/wpa_supplicant.conf.sample new file mode 100644 index 0000000..7ff2639 --- /dev/null +++ b/etc/wpa_supplicant/wpa_supplicant/wpa_supplicant.conf.sample @@ -0,0 +1,16 @@ +# This is a placeholder file. On how to create one, consult +# /usr/share/examples/etc/wpa_supplicant.conf or import an existing one +# from the /etc directory. + +# Mind that the `ctrl_interface` parameter, when in use, has to be +# kept in sync with UDS pass-through definitions in uds_passthru.conf. +# The default values are aligned with these settings below. +# +#ctrl_interface=/var/run/wpa_supplicant +#ctrl_interface_group=0 +# +# It is also recommended to enable write access for the clients that +# are connecting to wpa_supplicant from the host through the forwarded +# control socket. +# +#update_config=1 |