安裝openssl:html
sudo apt-get install openssl sudo apt-get install libssl-dev build-essential zlibc zlib-bin libidn11-dev libidn11
下載wpa_supplicantshell
wget http://hostap.epitest.fi/releases/wpa_supplicant-2.0.tar.gz tar -xzvf wpa_supplicant-2.0.tar.gz cd wpa_supplicant-2.0 cd wpa_supplicant vi .config
粘貼如下內容保存api
#.config # # Uncomment following two lines and fix the paths if you have installed openssl # in non-default location #CFLAGS += -I/usr/local/openssl/include #LIBS += -L/usr/local/openssl/lib # Driver interface for Host AP driver #CONFIG_DRIVER_HOSTAP=y # Driver interface for Agere driver #CONFIG_DRIVER_HERMES=y # Change include directories to match with the local setup #CFLAGS += -I../../hcf -I../../include -I../../include/hcf #CFLAGS += -I../../include/wireless # Driver interface for Prism54 driver # (Note: Prism54 is not yet supported, i.e., this will not work as-is and is # for developers only) #CONFIG_DRIVER_PRISM54=y # Driver interface for ndiswrapper #CONFIG_DRIVER_NDISWRAPPER=y # Driver interface for Atmel driver #CONFIG_DRIVER_ATMEL=y # Driver interface for Broadcom driver #CONFIG_DRIVER_BROADCOM=y # Example path for wlioctl.h; change to match your configuration #CFLAGS += -I/opt/WRT54GS/release/src/include # Driver interface for Intel ipw2100/2200 driver #CONFIG_DRIVER_IPW=y CONFIG_DRIVER_MADWIFI=y # Change include directories to match with the local setup CFLAGS += -I../madwif CONFIG_DRIVER_WEXT=y # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) #CONFIG_DRIVER_BSD=y #CFLAGS += -I/usr/local/include #LIBS += -L/usr/local/lib # Driver interface for Windows NDIS #CONFIG_DRIVER_NDIS=y #CFLAGS += -I/usr/include/w32api/ddk #LIBS += -L/usr/local/lib # For native build using mingw #CONFIG_NATIVE_WINDOWS=y # Additional directories for cross-compilation on Linux host for mingw target #CFLAGS += -I/opt/mingw/mingw32/include/ddk #LIBS += -L/opt/mingw/mingw32/lib #CC=mingw32-gcc # Driver interface for development testing #CONFIG_DRIVER_TEST=y # Driver interface for wired Ethernet drivers #CONFIG_DRIVER_WIRED=y CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 (automatically included if EAP-TTLS is enabled) CONFIG_EAP_MD5=y # EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) CONFIG_EAP_MSCHAPV2=y # EAP-TLS CONFIG_EAP_TLS=y # EAL-PEAP CONFIG_EAP_PEAP=y # EAP-TTLS CONFIG_EAP_TTLS=y # EAP-GTC CONFIG_EAP_GTC=y # EAP-OTP CONFIG_EAP_OTP=y # LEAP CONFIG_EAP_LEAP=y # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y # Include control interface for external programs, e.g, wpa_cli CONFIG_CTRL_IFACE=y
編譯與安裝:bash
make make install
配置並鏈接路由器:app
#! /bin/sh - insmod /etc/Wireless/RT2870STA/mt7601Usta.ko wlan_no="ra0" echo Please choose WiFi connect mode echo "(1,no_pass),(2,wpa_psk),(3,wpa2_psk)" read conn_mod if [ "$conn_mod" = "1" ] then #1.1 get essid echo Welcom to no_pass mode! iwlist $wlan_no scan | grep ESSID echo Please choose a essid: read inputssid if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ] then echo "input ok!" #1.2 connect! iwconfig $wlan_no essid $inputssid dhclient $wlan_no fi echo done fi if [ "$conn_mod" = "2" ] then #2.1 copy wlan wpa psk config file to /etc/wpa_supplicant/ cp wpa_supplicant.wpa /etc/wpa_supplicant/wpa_supplicant.conf #2.2 get essid and password phrase echo Welcom to wpa_psk mode! iwlist $wlan_no scan | grep ESSID echo Please choose a essid: read inputssid if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ] then echo "input ok!" echo "please input your password:\c" read inputpass ph_pass=`wpa_passphrase $inputssid $inputpass | grep psk= | sed -n 2p | awk -F '=' '{print $2}'` echo $ph_pass #2.3 modify /etc/wpa_supplicant/wpa_supplicant.conf sed -i "s/my_network/$inputssid/g" /etc/wpa_supplicant/wpa_supplicant.conf sed -i "s/\"secret_password\"/$ph_pass/g" /etc/wpa_supplicant/wpa_supplicant.conf #2.4 connect! wpa_supplicant -B -i $wlan_no -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf dhclient $wlan_no fi echo done fi if [ "$conn_mod" = "3" ] then #3.1 copy wlan wpa2 psk config file to /etc/wpa_supplicant/ cp wpa_supplicant.wpa2 /etc/wpa_supplicant/wpa_supplicant.conf #3.2 get essid and password phrase echo Welcom to wpa2_psk mode! iwlist $wlan_no scan | grep ESSID echo Please choose a essid: read inputssid if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ] then echo "input ok!" echo "please input your password:\c" read inputpass ph_pass=`wpa_passphrase $inputssid $inputpass | grep psk= | sed -n 2p | awk -F '=' '{print $2}'` echo $ph_pass #3.3 modify /etc/wpa_supplicant/wpa_supplicant.conf sed -i "s/my_network/$inputssid/g" /etc/wpa_supplicant/wpa_supplicant.conf sed -i "s/\"secret_password\"/$ph_pass/g" /etc/wpa_supplicant/wpa_supplicant.conf #3.4 connect! wpa_supplicant -B -i $wlan_no -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf dhclient $wlan_no fi echo done fi
配置文件1(wpa_supplicant.wpa).less
ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 eapol_version=1 # ap_scan=2 was the one for me you may try 0 or 1 indstead of 2 ap_scan=2 fast_reauth=1 network={ ssid="my_network" proto=WPA key_mgmt=WPA-PSK pairwise=TKIP group=TKIP psk="secret_password" }
配置文件2(wpa_supplicant.wpa2)ui
ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 ap_scan=1 network={ ssid="my_network" proto=RSN key_mgmt=WPA-PSK pairwise=CCMP TKIP group=CCMP TKIP psk="secret_password" }
ap腳本:this
#! /bin/sh - # use ra0 as a gateway # use wlan0(rtl8192cu) as an AP wlan_gw_no="ra0" wlan_no="wlan0" ifconfig $wlan_no 172.16.0.1/16 sudo iptables -F iptables -t filter -F iptables -t nat -F iptables -t mangle -F gw=`ifconfig | awk 'BEGIN{FS="\n";RS=""} NR==3 {print $2}' | awk '{print $2}' | awk -F ':' '{print $2}'` #sudo iptables -t nat -A POSTROUTING -o $wlan_gw_no -j MASQUERADE sudo iptables -t nat -A POSTROUTING -o $wlan_gw_no -s 172.16.1.0/24 -j SNAT --to-source $gw iptables -nL -vv -t nat killall dnsmasq killall hostapd ifconfig $wlan_no 172.16.0.1/16 hostapd -B /etc/hostapd/hostapd.conf /etc/init.d/dnsmasq restart echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf echo 1 > /proc/sys/net/ipv4/ip_forward sleep 5 echo dhcp: ps -e | grep dns echo hosapd: ps -e | grep ap
結束rest