Akwai bayanai da yawa akan Intanet akan ƙirƙirar wuraren shiga Wi-Fi bisa PC guda ɗaya na Rasberi. A ka'ida, wannan yana nufin amfani da tsarin aiki na Raspbian na asali ga Rasberi.
Kasancewa mai bin tsarin tushen RPM, ba zan iya wucewa ta wannan ƙaramin abin al'ajabi ba kuma ban gwada CentOS ƙaunatacce akan sa ba.
Labarin yana ba da umarni don yin 5GHz/AC Wi-Fi na'ura mai ba da hanya tsakanin hanyoyin sadarwa daga Rasberi Pi 3 Model B+ dangane da tsarin aiki na CentOS. Za a sami daidaitattun dabaru da yawa amma ba a san su ba, kuma azaman kari - zane don haɗa ƙarin kayan aikin Wi-Fi zuwa Rasberi, yana ba shi damar aiki lokaci guda ta hanyoyi da yawa (2,4+5GHz).
(haɗaɗɗen hotuna masu samuwa kyauta)
Bari mu lura nan da nan cewa wasu saurin sararin samaniya ba za su yi aiki ba. Ina matse iyakar 100 Mbps daga Rasberi ta sama, kuma wannan yana rufe saurin mai ba da Intanet na. Me yasa kuke buƙatar irin wannan sluggish AC, idan a ka'idar zaku iya samun rabin gigabit koda akan N? Idan kun yi wa kanku wannan tambayar, to, ku je kantin sayar da kayayyaki don siyan na'ura mai ba da hanya tsakanin hanyoyin sadarwa tare da eriya takwas na waje.
0. Abin da za ku buƙaci
- A zahiri, “samfurin rasberi” da kansa yana da ƙima: Pi 3 Model B+ (don cimma burin 5GHz da ake so da kuma tashoshi);
- microSD mai kyau>= 4GB;
- Wurin aiki tare da Linux da microSD mai karatu / marubuci;
- Samun isassun ƙwarewa a cikin Linux, labarin don ƙwararren Geek ne;
- Haɗin hanyar sadarwa mai waya (eth0) tsakanin Rasberi da Linux, mai tafiyar da uwar garken DHCP akan hanyar sadarwar gida da samun damar Intanet daga na'urori biyu.
Ƙananan sharhi akan batu na ƙarshe. "Wane ne ya fara zuwa, kwai ko ..." yadda ake yin na'ura mai ba da hanya tsakanin hanyoyin sadarwa na Wi-Fi ba tare da wani kayan aikin shiga Intanet ba? Bari mu bar wannan darasi mai nishadantarwa a waje da iyakar labarin kuma kawai mu ɗauka cewa Rasberi yana da alaƙa da cibiyar sadarwar gida ta waya kuma yana da damar shiga Intanet. A wannan yanayin, ba za mu buƙaci ƙarin TV da manipulator don saita "rasberi".
1. Shigar CentOS
A lokacin rubuta wannan labarin, nau'in CentOS mai gudana akan na'urar shine 32-bit. Wani wuri akan Yanar Gizon Yanar Gizo na Duniya Na ci karo da ra'ayoyin cewa aikin irin waɗannan OS a kan gine-ginen 64-bit ARM ya ragu da kusan 20%. Zan bar wannan lokacin ba tare da sharhi ba.
A Linux, zazzage ƙaramin hoto tare da kernel"-RaspberryPI-"kuma rubuta shi zuwa microSD:
# xzcat CentOS-Userland-7-armv7hl-RaspberryPI-Minimal-1810-sda.raw.xz |
dd of=/dev/mmcblk0 bs=4M
# sync
Kafin fara amfani da hoton, za mu cire ɓangaren SWAP daga gare ta, fadada tushen zuwa duk ƙarar da ke akwai kuma mu kawar da SELinux. Algorithm yana da sauƙi: yin kwafin tushen akan Linux, share duk ɓangarori daga microSD sai na farko (/boot), ƙirƙirar sabon tushe kuma dawo da abinda ke ciki daga kwafin.
Misalin ayyukan da ake buƙata (fitarwa mai tsanani)
# mount /dev/mmcblk0p3 /mnt
# cd /mnt
# tar cfz ~/pi.tgz . --no-selinux
# cd
# umount /mnt
# parted /dev/mmcblk0
(parted) unit s
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
2 1370112s 2369535s 999424s primary linux-swap(v1)
3 2369536s 5298175s 2928640s primary ext4
5298176s 31116287s 25818112s Free Space
(parted) rm 3
(parted) rm 2
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
1370112s 31116287s 29746176s Free Space
(parted) mkpart
Partition type? primary/extended? primary
File system type? [ext2]? ext4
Start? 1370112s
End? 31116287s
(parted) set
Partition number? 2
Flag to Invert? lba
New state? on/[off]? off
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
2 1370112s 31116287s 29746176s primary ext4
(parted) quit
# mkfs.ext4 /dev/mmcblk0p2
mke2fs 1.44.6 (5-Mar-2019)
/dev/mmcblk0p2 contains a swap file system labelled '_swap'
Proceed anyway? (y,N) y
Discarding device blocks: done
Creating filesystem with 3718272 4k blocks and 930240 inodes
Filesystem UUID: 6a1a0694-8196-4724-a58d-edde1f189b31
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208
Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
# mount /dev/mmcblk0p2 /mnt
# tar xfz ~/pi.tgz -C /mnt --no-selinux
Bayan buɗe abubuwan da ke cikin tushen ɓangaren, lokaci ya yi da za a yi wasu canje-canje a ciki.
Kashe SELinux a ciki /mnt/etc/selinux/config:
SELINUX=disabled
Gyarawa /mnt/etc/fstab, barin a ciki kawai shigarwar guda biyu game da ɓangarori: taya (/boot, babu canje-canje) da tushen (muna canza darajar UUID, wanda za'a iya gano shi ta hanyar nazarin fitowar umarnin blkid akan Linux):
UUID=6a1a0694-8196-4724-a58d-edde1f189b31 / ext4 defaults,noatime 0 0
UUID=6938-F4F2 /boot vfat defaults,noatime 0 0
A ƙarshe, muna canza sigogin taya na kernel: mun ƙididdige sabon wuri don ɓangaren tushen, musaki fitar da bayanan lalata kuma (na zaɓi) hana kernel sanya adiresoshin IPv6 akan hanyoyin sadarwa:
# cd
# umount /mnt
# mount /dev/mmcblk0p1 /mnt
Ga abun ciki /mnt/cmdline.txt zuwa tsari mai zuwa (layi ɗaya ba tare da sarƙaƙƙiya):
root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait quiet ipv6.disable_ipv6=1
An gama:
# cd
# umount /mnt
# sync
Muna sake tsara microSD a cikin "rasberi", ƙaddamar da shi kuma sami damar shiga hanyar sadarwa ta ssh (tushen/centos).
2. Saita CentOS
Motsi guda uku na farko mara girgiza: passwd, yum -y sabunta, sake yi.
Muna ba da damar gudanar da hanyar sadarwa hanyar sadarwa:
# yum install systemd-networkd
# systemctl enable systemd-networkd
# systemctl disable NetworkManager
# chkconfig network off
Ƙirƙiri fayil (tare da kundayen adireshi) /etc/systemd/network/eth0.network:
[Match]
Name=eth0
[Network]
DHCP=ipv4
Muna sake kunna "rasberi" kuma muna sake samun damar shiga hanyar sadarwa ta hanyar ssh (adireshin IP na iya canzawa). Kula da abin da ake amfani dashi /etc/resolv.conf, wanda Manajan hanyar sadarwa ya kirkira a baya. Don haka, idan akwai matsaloli tare da warwarewa, gyara abubuwan da ke ciki. Amfani tsarin-warware ba za mu yi ba.
Mun cire "ba dole ba", gyara da kuma hanzarta loading na OS:
# systemctl set-default multi-user.target
# yum remove GeoIP Network* aic* alsa* cloud-utils-growpart
cronie* dhc* firewal* initscripts iwl* kexec* logrotate
postfix rsyslog selinux-pol* teamd wpa_supplicant
Wanene yake bukata cron kuma wanda ba ya narkar da ginannen
# mkdir /var/log/journal
# systemd-tmpfiles --create --prefix /var/log/journal
# systemctl restart systemd-journald
# vi /etc/systemd/journald.conf
Kashe amfani da IPv6 ta sabis na asali (idan an buƙata)/ sauransu / ssh / sshd_config:
AddressFamily inet
/etc/sysconfig/chronyd:
OPTIONS="-4"
Dacewar lokaci akan "rasberi" abu ne mai mahimmanci. Tunda daga cikin akwatin babu ikon kayan aiki don adana yanayin agogo na yanzu lokacin sake kunnawa, ana buƙatar aiki tare. Daemon mai kyau da sauri don wannan shine tarihi - riga an shigar kuma yana farawa ta atomatik. Kuna iya canza sabar NTP zuwa mafi kusa.
/etc/chrony.conf:
server 0.ru.pool.ntp.org iburst
server 1.ru.pool.ntp.org iburst
server 2.ru.pool.ntp.org iburst
server 3.ru.pool.ntp.org iburst
Don saita yankin lokaci za mu yi amfani da shi dabara. Tunda burin mu shine ƙirƙirar Wi-Fi na'ura mai ba da hanya tsakanin hanyoyin sadarwa da ke aiki a mitoci 5GHz, za mu shirya don abubuwan ban mamaki a gaba. mai tsarawa:
# yum info crda
Takaitawa: Daemon na bin ka'ida don hanyar sadarwar mara waya ta 802.11
Wannan mugun ƙira, kuma dangane da yankin lokaci, "hana" amfani (a cikin Rasha) na mitoci 5GHz da tashoshi tare da lambobi "masu girma". Dabarar ita ce saita yankin lokaci ba tare da amfani da sunayen nahiyoyi/birane ba, wato maimakon:
# timedatectl set-timezone Europe/Moscow
Muna danna:
# timedatectl set-timezone Etc/GMT-3
Kuma ƙarshe ya shafi salon gashi na tsarin:
# hostnamectl set-hostname router
/tushen/.bash_profile:
. . .
# User specific environment and startup programs
export PROMPT_COMMAND="vcgencmd measure_temp"
export LANG=en_US.UTF-8
export PATH=$PATH:$HOME/bin
3. CentOS Add-ons
Duk abin da aka faɗa a sama ana iya ɗaukar cikakken umarnin don shigar da “vanilla” CentOS akan Rasberi Pi. Ya kamata ku ƙare da PC wanda (sake) takalma a cikin ƙasa da daƙiƙa 10, yana amfani da ƙasa da Megabytes 15 na RAM da 1.5 Gigabyte na microSD (a zahiri ƙasa da 1 Gigabyte saboda rashin cika / boot, amma bari mu faɗi gaskiya).
Don shigar da software ta hanyar samun damar Wi-Fi akan wannan tsarin, kuna buƙatar ɗan faɗaɗa ƙarfin daidaitaccen rarrabawar CentOS. Da farko, bari mu haɓaka direba (firmware) na ginanniyar adaftar Wi-Fi. Shafin gidan aikin yana cewa:
Wifi akan Rasberi 3B da 3B+
Fayilolin firmware na Rasberi PI 3B/3B+ ba a yarda su rarraba ta aikin CentOS ba. Kuna iya amfani da labarai masu zuwa don fahimtar batun, samun firmware kuma saita wifi.
Abin da aka haramta don aikin CentOS ba a haramta mana don amfanin kanmu ba. Muna maye gurbin rarraba Wi-Fi firmware a cikin CentOS tare da daidaitaccen ɗaya daga masu haɓakawa na Broadcom (wadanda suka ƙi binary blobs ...). Wannan, musamman, zai ba ku damar amfani da AC a cikin yanayin shiga.
Wi-Fi firmware hažakaNemo samfurin na'urar da sigar firmware na yanzu:
# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Mar 1 2015 07:29:38 version 7.45.18 (r538002) FWID 01-6a2c8ad4
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 7.14.8 Compiler: 1.24.9 ClmImport: 1.24.9 Creation: 2014-09-02 03:05:33 Inc Data: 7.17.1 Inc Compiler: 1.26.11 Inc ClmImport: 1.26.11 Creation: 2015-03-01 07:22:34
Mun ga cewa sigar firmware shine 7.45.18 kwanan wata 01.03.2015/XNUMX/XNUMX, kuma ku tuna saitin lambobi masu zuwa: 43455 (brcmfmac43455-sdio.bin).
# wget https://downloads.raspberrypi.org/raspbian_lite_latest
# unzip -p raspbian_lite_latest > raspbian.img
# fdisk -l raspbian.img
Disk raspbian.img: 2 GiB, 2197815296 bytes, 4292608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x17869b7d
Device Boot Start End Sectors Size Id Type
raspbian.img1 8192 532480 524289 256M c W95 FAT32 (LBA)
raspbian.img2 540672 4292607 3751936 1.8G 83 Linux
# mount -t ext4 -o loop,offset=$((540672 * 512)) raspbian.img /mnt
# cp -fv /mnt/lib/firmware/brcm/*43455* ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.bin' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.txt' -> ...
# umount /mnt
Fayilolin firmware na adaftar Wi-Fi da ya haifar dole ne a kwafi kuma a maye gurbinsu da “rasberi” cikin kundin adireshi. /usr/lib/firmware/brcm/
Mun sake kunna na'ura mai ba da hanya tsakanin hanyoyin sadarwa na gaba kuma muna murmushi cikin gamsuwa:
# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Feb 27 2018 03:15:32 version 7.45.154 (r684107 CY) FWID 01-4fbe0b04
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 9.10.105 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2018-03-09 18:56:28
Shafin: 7.45.154 kwanan wata 27.02.2018/XNUMX/XNUMX.
Kuma ba shakka EPEL:
# cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Epel rebuild for armhfp
baseurl=https://armv7.dev.centos.org/repodir/epel-pass-1/
enabled=1
gpgcheck=0
EOF
# yum clean all
# rm -rfv /var/cache/yum
# yum update
4. Tsarin hanyar sadarwa da kalubale a gaba
Kamar yadda muka yarda a sama, "rasberi" an haɗa shi ta "waya" zuwa cibiyar sadarwar gida. Bari mu ɗauka cewa mai ba da sabis yana ba da damar Intanet daidai da hanyar: adireshin da ke kan hanyar sadarwar jama'a ana ba da shi ta hanyar uwar garken DHCP (wataƙila tare da ɗaurin MAC). A wannan yanayin, bayan saitin karshe na rasberi, kawai kuna buƙatar "toshe" kebul na mai badawa a ciki kuma kun gama. Izini ta amfani da systemd-cibiyar sadarwa - batun wani labarin dabam kuma ba a tattauna a nan ba.
Rasberi's Wi-Fi interface(s) cibiyar sadarwar gida ce, kuma ginanniyar adaftar Ethernet (eth0) na waje ne. Bari mu ƙidaya cibiyar sadarwar gida a ƙididdiga, misali: 192.168.0.0/24. Adireshin Rasberi: 192.168.0.1. Sabar DHCP zata yi aiki akan hanyar sadarwa ta waje (Internet).
Parallel hargitsi (digression lyrical)Lennart Pottering ta tsara nata shirin tsarin tsarin Yayi kyau sosai. Wannan tsarin tsarin ta kaddamar da wasu shirye-shirye da sauri ta yadda ba su da lokacin da za su farfado daga busar da alkalin wasa ya yi musu, tun da farko suka yi tuntube da faduwa ba tare da sun fara taka tsantsan ba.
Amma a zahiri, daidaitawar matakan da aka ƙaddamar a farkon tsarin OS wani nau'i ne na "gadar jaki" don ƙwararrun ƙwararrun LSB. Abin farin ciki, kawo tsari ga wannan "hargitsi mai kama da juna" ya zama mai sauƙi, kodayake ba koyaushe ba ne.
Mun ƙirƙiri musaya na gada guda biyu tare da sunaye akai-akai: lan и wan. Za mu “haɗa” adaftar (s) Wi-Fi zuwa na farko, da eth0 “rasberi” zuwa na biyu.
/etc/systemd/network/lan.netdev:
[NetDev]
Name=lan
Kind=bridge
/etc/systemd/network/lan.network:
[Match]
Name=lan
[Network]
Address=192.168.0.1/24
IPForward=yes
/etc/systemd/network/wan.netdev:
[NetDev]
Name=wan
Kind=bridge
#MACAddress=xx:xx:xx:xx:xx:xx
/etc/systemd/network/wan.network:
[Match]
Name=wan
[Network]
DHCP=ipv4
IPForward=yes
IPForward=iya yana kawar da buƙatar ambaton kernel ta hanyar sysctl don ba da damar kewayawa.
MACAdress = Bari mu uncomment mu canza idan ya cancanta.
Da farko muna "haɗa" eth0. Muna tunawa da "matsalar daidaituwa" kuma muna amfani da adireshin MAC kawai na wannan dubawa, wanda za'a iya gano shi, alal misali, kamar haka:
# cat /sys/class/net/eth0/address
Mun halitta /etc/systemd/network/eth.network:
[Match]
MACAddress=b8:27:eb:xx:xx:xx
[Network]
Bridge=wan
Muna share fayil ɗin sanyi na baya eth0, sake kunna Rasberi kuma mu sami hanyar shiga hanyar sadarwa (da yuwuwar adireshin IP ɗin zai canza):
# rm -fv /etc/systemd/network/eth0.network
# reboot
5.DNSMASQ
Don ƙirƙirar wuraren shiga Wi-Fi, babu wani abu da ya doke ma'aurata masu daɗi dnsmasq + amintacce har yanzu ba a gano shi ba. A ganina.
Idan wani ya manta, to...
Bari mu fara da dnsmasq:
# yum install dnsmasq
Misali /etc/resolv.conf:
nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 77.88.8.8
nameserver 77.88.8.1
domain router.local
search router.local
gyara shi zuwa ga son ku.
minimalist / da sauransu / dnsmasq.conf:
domain-needed
bogus-priv
interface=lan
bind-dynamic
expand-hosts
domain=#
dhcp-range=192.168.0.100,192.168.0.199,255.255.255.0,24h
conf-dir=/etc/dnsmasq.d
“Sihirin” anan yana cikin ma’auni ɗaure-tsauri, wanda ke gaya wa dnsmasq daemon ya jira har sai ya bayyana akan tsarin interface=lan, kuma kada ku suma saboda dacewa da girman kai bayan farawa.
# systemctl enable dnsmasq
# systemctl start dnsmasq; journalctl -f
6. HOSTAPD
Kuma a ƙarshe, saitin hostapd na sihiri. Ba ni da shakka cewa wani yana karanta wannan labarin don neman ainihin waɗannan layukan masu daraja.
Kafin shigar da hostapd, kuna buƙatar shawo kan "matsalar rashin daidaituwa". Adaftar Wi-Fi da aka gina a cikin wlan0 na iya canza sunansa cikin sauƙi zuwa wlan1 lokacin haɗa ƙarin kayan Wi-Fi na USB. Sabili da haka, za mu gyara sunayen masu dubawa ta hanyar da ta biyo baya: za mu fito da sunaye na musamman don masu adaftar (mara waya) da kuma ɗaure su zuwa adiresoshin MAC.
Domin ginanniyar adaftar Wi-Fi, wanda har yanzu wlan0:
# cat /sys/class/net/wlan0/address
b8:27:eb:xx:xx:xx
Mun halitta /etc/systemd/network/wl0.link:
[Match]
MACAddress=b8:27:eb:xx:xx:xx
[Link]
Name=wl0
Yanzu za mu tabbatar da hakan wl0 - Wannan ginannen Wi-Fi ne. Mun sake kunna Rasberi don tabbatar da hakan.
Shigar:
# yum install hostapd wireless-tools
Fayil na tsari /etc/hostapd/hostapd.conf:
ssid=rpi
wpa_passphrase=1234567890
channel=36
country_code=US
interface=wl0
bridge=lan
driver=nl80211
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
macaddr_acl=0
hw_mode=a
wmm_enabled=1
# N
ieee80211n=1
require_ht=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
# AC
ieee80211ac=1
require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
vht_oper_chwidth=1
vht_oper_centr_freq_seg0_idx=42
Ba tare da mantawa ba
# hostapd /etc/hostapd/hostapd.conf
hostapd zai fara a yanayin mu'amala, yana watsa yanayin sa zuwa na'ura wasan bidiyo. Idan babu kurakurai, to abokan ciniki waɗanda ke goyan bayan yanayin AC za su iya haɗawa zuwa wurin shiga. Don dakatar da hostapd - Ctrl-C.
Abin da ya rage shi ne don kunna hostapd a cikin tsarin farawa. Idan kun yi daidaitaccen abu (systemctl kunna hostapd), to bayan sake kunnawa na gaba za ku iya samun aljani "mai birgima cikin jini" tare da ganewar asali "dubawa wl0 ba a samo ba". Sakamakon "hargitsi mai kama da juna," hostapd ya fara sauri fiye da kernel ya sami adaftar mara waya.
Intanit yana cike da magunguna: daga lokacin tilastawa kafin fara daemon (mintuna da yawa), zuwa wani daemon wanda ke lura da bayyanar da dubawa kuma (sake) farawa da hostpad. Maganganun suna da sauƙin aiki, amma muna da muni. Muna kira ga mai girma don taimako tsarin tsarin tare da "manufa" da "ayyukan" da "dogara".
Kwafi fayil ɗin sabis ɗin rarraba zuwa /etc/systemd/system/hostapd.service:
# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system
kuma a rage abin da ke cikinsa zuwa nau'i mai zuwa:
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl0.device
BindsTo=sys-subsystem-net-devices-wl0.device
[Service]
Type=forking
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B
[Install]
WantedBy=sys-subsystem-net-devices-wl0.device
Sihiri na fayil ɗin sabis ɗin da aka sabunta ya ta'allaka ne a cikin ɗaure mai ƙarfi na hostapd zuwa sabon manufa - wl0 interface. Lokacin da ke dubawa ya bayyana, daemon yana farawa; lokacin da ya ɓace, yana tsayawa. Kuma wannan duk akan layi ne - ba tare da sake kunna tsarin ba. Wannan dabarar za ta yi amfani musamman lokacin haɗa adaftar Wi-Fi na USB zuwa Rasberi.
Yanzu za ku iya:
# systemctl enable hostapd
# reboot
7. IPTABLES
"Waye???" © iya, iya! Babu tsarin tsarin. Babu sabon haɗe-haɗe (a cikin sigar firewalld), wanda ya ƙare har yin abu ɗaya.
Mu yi amfani da tsohon mai kyau iptables, wanda sabis ɗin, bayan farawa, za su loda dokokin cibiyar sadarwa a cikin kwaya kuma a rufe a hankali ba tare da sauran mazaunin ba kuma ba tare da cinye albarkatu ba. systemd yana da m IPMasquerade=, amma har yanzu za mu ba da amanar fassarar adireshin (NAT) da Tacewar zaɓi ga iptables.
Shigar:
# yum install iptables-services
# systemctl enable iptables ip6tables
Na fi son adana tsarin iptables azaman rubutun (misali):
#!/bin/bash
#
# Disable IPv6
#
ip6tables --flush
ip6tables --delete-chain
ip6tables --policy INPUT DROP
ip6tables --policy FORWARD DROP
ip6tables --policy OUTPUT DROP
ip6tables-save > /etc/sysconfig/ip6tables
systemctl restart ip6tables
#
# Cleaning
#
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
#
# Loopback, lan
#
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i lan -j ACCEPT
#
# Ping, Established
#
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# NAT
#
iptables -t nat -A POSTROUTING -o wan -j MASQUERADE
#
# Saving
#
iptables-save > /etc/sysconfig/iptables
systemctl restart iptables
Muna aiwatar da rubutun da ke sama kuma mun rasa ikon kafa sabbin hanyoyin sadarwa na SSH tare da Rasberi. Haka ne, mun yi na'ura mai ba da hanya tsakanin hanyoyin sadarwa na Wi-Fi, samun dama ga wanda "ta hanyar Intanet" aka haramta ta tsohuwa - yanzu kawai "a kan iska". Muna haɗa kebul na Ethernet na mai bayarwa kuma mu fara hawan igiyar ruwa!
8. Bonus: +2,4GHz
Lokacin da na haɗa na'ura mai ba da hanya tsakanin hanyoyin sadarwa na Rasberi na farko ta amfani da zanen da aka kwatanta a sama, na gano na'urori da yawa a cikin gidana waɗanda, saboda iyakokin ƙirar Wi-Fi ɗin su, ba za su iya ganin "rasberi" kwata-kwata ba. Sake saita na'ura mai ba da hanya tsakanin hanyoyin sadarwa don aiki a cikin 802.11b/g/n ba wasa bane, tunda matsakaicin saurin "a kan iska" a cikin wannan yanayin bai wuce 40 Mbit ba, kuma mai ba da Intanet na fi so yana ba ni 100 (ta hanyar kebul).
A haƙiƙa, an riga an ƙirƙiro hanyar magance matsalar: na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta Wi-Fi ta biyu da ke aiki a mitar 2,4 GHz, da wurin shiga ta biyu. A wani rumfar da ke kusa da na saya ba na farko ba, amma na biyu na Wi-Fi na USB na "whistle" na ci karo. An azabtar da mai siyar da tambayoyi game da kwakwalwan kwamfuta, dacewa tare da kwayayen Linux ARM da yuwuwar yin aiki a yanayin AP (shine farkon wanda ya fara).
Muna saita “whistle” ta misali tare da ginanniyar adaftar Wi-Fi.
Da farko, bari mu sake suna zuwa wl1:
# cat /sys/class/net/wlan0/address
b0:6e:bf:xx:xx:xx
/etc/systemd/network/wl1.link:
[Match]
MACAddress=b0:6e:bf:xx:xx:xx
[Link]
Name=wl1
Za mu ba da amanar gudanar da sabuwar hanyar sadarwar Wi-Fi zuwa wani keɓaɓɓen daemon na hostapd, wanda zai fara kuma zai tsaya dangane da kasancewar takamaiman “busa” a cikin tsarin: wl1.
Fayil na tsari /etc/hostapd/hostapd2.conf:
ssid=rpi2
wpa_passphrase=1234567890
#channel=1
#channel=6
channel=11
interface=wl1
bridge=lan
driver=nl80211
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
macaddr_acl=0
hw_mode=g
wmm_enabled=1
# N
ieee80211n=1
require_ht=1
ht_capab=[HT40][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
Abubuwan da ke cikin wannan fayil kai tsaye sun dogara da samfurin adaftar Wi-Fi na USB, don haka kwafin banal na iya gazawar ku.
Kwafi fayil ɗin sabis ɗin rarraba zuwa /etc/systemd/system/hostapd2.service:
# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system/hostapd2.service
kuma a rage abin da ke cikinsa zuwa nau'i mai zuwa:
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl1.device
BindsTo=sys-subsystem-net-devices-wl1.device
[Service]
Type=forking
PIDFile=/run/hostapd2.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd2.conf -P /run/hostapd2.pid -B
[Install]
WantedBy=sys-subsystem-net-devices-wl1.device
Abin da ya rage shi ne don kunna sabon misali na hostapd:
# systemctl enable hostapd2
Shi ke nan! Ja da "busa" da "rasberi" kanta, dubi cibiyoyin sadarwa mara waya da ke kewaye da ku.
Kuma a ƙarshe, ina so in yi muku gargaɗi game da ingancin adaftar Wi-Fi na USB da wutar lantarki na Rasberi. Haɗin "zafi mai zafi" na iya haifar da "daskare rasberi" wani lokaci saboda matsalolin lantarki na ɗan lokaci.
source: www.habr.com