#!/bin/bash # Little script to deploy a Wifi Access Point using hostapd, dnsmasq and iptables sudo systemctl stop hostapd sudo systemctl stop isc-dhcp-server sudo systemctl stop dhcpcd ready="" echo "First of all, be sure that ip, iw, isc-dhcp-server, hostapd, dhcpcd and iptables are installed" echo "Is it the case ? Y/N" read ready if [ $ready != "Y" ]; then echo "exiting..." exit fi # LIST INTERFACES echo "Listing devices..." sudo iw dev | grep "Interface" echo "" echo "Enter the interface name you would like to choose:" read int_name # DISABLE POWER MANAGEMENT sudo iw "$int_name" get power_save sudo iw "$int_name" set power_save off printf "\n\n" # PREVENT NETWORK MANAGER FROM DOING SH1T sudo printf "[main]\nplugins=icfg-rh,keyfile\n\n[keyfile]\nunmanaged-devices=interface-name:${int_name}" > /etc/NetworkManager/conf.d/donotcontrolap.conf # PREVENT wpa_supplicant FROM DOING SH1T TOO sudo printf "interface ${int_name}\n static ip_address=192.168.1.1/24\n nohook wpa_supplicant" > /etc/dhcpcd.conf # ASK IF ERRORS OCCURED echo "Did any error occured ? You can shutdown the script now if any happenned" echo "Continue ? Y/N" read ready if [ $ready != "Y" ]; then echo "exiting..." exit fi # CREATE ACCESS POINT sudo printf "interface=${int_name}\ndriver=nl80211\nssid=MonReseauLAN\nhw_mode=g\nchannel=6\nwmm_enabled=0\nmacaddr_acl=0\nauth_algs=1\nignore_broadcast_ssid=0\nwpa=2\nwpa_passphrase=mdp12345\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n" > /etc/hostapd/hostapd.conf sudo printf "\nDAEMON_CONF=\"/etc/hostapd/hostapd.conf\"\n\n#EDITED BY SCRIPTS" >> /etc/default/hostapd # DHCP CONFIGURATION echo "Do you wish to save the actual isc-dhcp-server configuration ?" read ready if [ $ready == "Y" ]; then sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.old fi sudo printf "\nDHCPDv4_CONF=/etc/dhcp/dhcpd.conf\nINTERFACESv4=\"${int_name}\"\n\n#EDITED BY SCRIPTS" >> /etc/default/isc-dhcp-server sudo printf "subnet 192.168.1.0 netmask 255.255.255.0 {\n # Plage d'adresses IP à distribuer\n range 192.168.1.2 192.168.1.253;\n # Serveur(s) DNS à distribuer\n #option domain-name-servers 192.168.14.201;\n # Passerelle par défaut\n option routers 192.168.1.1;\n}" > /etc/dhcp/dhcpd.conf # CHECK IF CONFIG OK less /etc/dhcpcd.conf less /etc/hostapd/hostapd.conf less /etc/default/hostapd less /etc/default/isc-dhcp-server less /etc/dhcp/dhcpd.conf less /etc/NetworkManager/conf.d/donotcontrolap.conf sudo iw "$int_name" get power_save printf "\n\n" echo "Is everything ok ? Y/N" read ready if [ $ready != "Y" ]; then echo "exiting..." exit fi echo "config ok." sleep 2s clear # NAT echo "Do you wish to set up a NAT to a specific interface ? (Useful when the interface is connected to internet !) Y/N" read ready clear if [ $ready == "Y" ]; then ip a echo "Enter the name of the interface to NAT to..." read int_NAT printf "Be sure to run: echo 1 > /proc/sys/net/ipv4/ip_forward before NATing\n\n" sudo iptables -t nat -D POSTROUTING -o $int_NAT -j MASQUERADE sudo iptables -t nat -A POSTROUTING -o $int_NAT -j MASQUERADE sudo iptables -t nat -L -n -v fi echo "Do you wish to shutdown the script ? Y/N" read ready if [ $ready != "N" ]; then echo "exiting..." exit fi # START AP sudo systemctl restart NetworkManager sudo nmcli dev status echo "Is the AP's interface unmanaged from NetworkManager ? if yes, continue Y/N" read ready if [ $ready != "Y" ]; then echo "exiting..." exit fi sudo systemctl restart dhcpcd sudo systemctl restart isc-dhcp-server sudo systemctl restart hostapd printf "Access point started !!\n" sleep 2s sudo journalctl -u hostapd -f sudo journalctl -u isc-dhcp-server -f echo "run journalctl -u hostapd -f ; to check up the AP" echo "run journalctl -u isc-dhcp-server -f ; to check IP addresses distributed through the AP" print "good bye !\n"