ProHoster > Blog > Pulega > Raspberry Pi + CentOS = Wi-Fi Hotspot (poʻo le alalaupapa lautusi ma se pulou mumu)

Raspberry Pi + CentOS = Wi-Fi Hotspot (poʻo le alalaupapa lautusi ma se pulou mumu)

O loʻo i ai le tele o faʻamatalaga i luga o le Initaneti e uiga i le fatuina o nofoaga avanoa Wi-Fi e faʻavae i luga o le Raspberry single-board PC. I le avea ai o se tulafono, o lona uiga o le faʻaaogaina o le Raspbian operating system faʻapitoa i le Raspberry.

I le avea ai ma se tagata faʻapitoa i faiga faʻavae RPM, e le mafai ona ou pasia lenei vavega itiiti ma le faʻataʻitaʻiina laʻu CentOS pele i luga.

O loʻo tuʻuina atu e le tusiga faʻatonuga mo le faia o se 5GHz / AC Wi-Fi router mai le Raspberry Pi 3 Model B + faʻavae i luga o le CentOS operating system. O le ai ai le tele o faʻataʻitaʻiga masani ae itiiti le lauiloa, ma o se ponesi - o se ata mo le faʻafesoʻotaʻi meafaigaluega Wi-Fi faaopoopo i le Raspberry, faʻatagaina e galue i le taimi e tasi i le tele o auala (2,4 + 5GHz).

Raspberry Pi + CentOS = Wi-Fi Hotspot (poʻo le alalaupapa lautusi ma se pulou mumu)
(fefiloi o ata maua fua)

Seʻi o tatou matauina i le taimi lava lena o nisi o saoasaoa o le vanimonimo o le a le aoga. Ou te oomiina le maualuga o le 100 Mbps mai laʻu Raspberry i luga o le ea, ma e aofia ai le saoasaoa o laʻu Initaneti. Aisea e te manaʻomia ai se AC paie, pe afai i le talitonuga e mafai ona e maua le afa gigabit e oʻo lava ile N? Afai na e fesili ifo ia te oe lava i lenei fesili, ona e alu lea i le faleoloa e faatau ai se router moni e valu antennas fafo.

0. O mea e te mana'omia

  • O le mea moni, o le "oloa rasipi" lava ia o le caliber: Pi 3 Model B + (ia ausia le saoasaoa 5GHz ma auala);
  • Lelei microSD> = 4GB;
  • Fale faigaluega ma Linux ma microSD faitau / tusitala;
  • Avanoa o lava tomai i Linux, o le tusiga e mo se Geek aʻoaʻoina;
  • Feso'ota'iga uaea (eth0) feso'ota'iga i le va o Raspberry ma Linux, fa'atautaia le DHCP server i luga o feso'otaiga fa'apitonu'u ma fa'aoga Initaneti mai masini uma e lua.

O se manatu itiiti i le vaega mulimuli. "O le fea na muamua, o le fuamoa poʻo le ..." faʻafefea ona fai se alalaupapa Wi-Fi i le leai o ni mea faʻaoga Initaneti? Sei o tatou tuʻua lenei faʻafiafiaga faʻafiafiaga i fafo atu o le lautele o le tusiga ma faʻapea o le Raspberry e fesoʻotaʻi i le fesoʻotaʻiga faʻapitonuʻu e ala ile uaea ma maua avanoa ile Initaneti. I lenei tulaga, matou te le manaʻomia se TV faʻaopoopo ma se manipulator e faʻatutu ai le "raspberry".

1. Fa'apipi'i CentOS

Itulau autu ole Poloketi

I le taimi na tusia ai lenei tusiga, o le faʻaogaina o le CentOS i luga o le masini e 32-bit. I se mea i luga o le Upega Tafaʻilagi a le Lalolagi Na ou maua ai ni manatu o le faʻatinoina o ia OS i luga o le 64-bit ARM architecture e faʻaititia e tusa ma le 20%. O le a ou tuua lenei taimi e aunoa ma se faamatalaga.

I luga o Linux, download le ata itiiti ma le fatu "-RasipiPI-"ma tusi i le microSD:

# xzcat CentOS-Userland-7-armv7hl-RaspberryPI-Minimal-1810-sda.raw.xz | 
  dd of=/dev/mmcblk0 bs=4M
# sync

Aʻo leʻi amata faʻaogaina le ata, matou te aveese le vaeluaga o le SWAP mai ai, faʻalautele le aʻa i le voluma avanoa atoa ma faʻaumatia SELinux. E faigofie le algorithm: fai se kopi o le aʻa i luga o Linux, tape uma vaega mai le microSD sei vagana ai le muamua (/boot), fatuina se aʻa fou ma toe faʻafoʻi mea mai le kopi.

Fa'ata'ita'iga o gaioiga mana'omia (fa'amafanafanaga ogaoga)

# mount /dev/mmcblk0p3 /mnt
# cd /mnt
# tar cfz ~/pi.tgz . --no-selinux
# cd
# umount /mnt


# parted /dev/mmcblk0

(parted) unit s
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system     Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32           boot, lba
 2      1370112s  2369535s   999424s    primary  linux-swap(v1)
 3      2369536s  5298175s   2928640s   primary  ext4
        5298176s  31116287s  25818112s           Free Space

(parted) rm 3
(parted) rm 2

(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system  Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32        boot, lba
        1370112s  31116287s  29746176s           Free Space

(parted) mkpart
Partition type?  primary/extended? primary
File system type?  [ext2]? ext4
Start? 1370112s
End? 31116287s

(parted) set
Partition number? 2
Flag to Invert? lba
New state?  on/[off]? off

(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system  Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32        boot, lba
 2      1370112s  31116287s  29746176s  primary  ext4

(parted) quit


# mkfs.ext4 /dev/mmcblk0p2 
mke2fs 1.44.6 (5-Mar-2019)
/dev/mmcblk0p2 contains a swap file system labelled '_swap'
Proceed anyway? (y,N) y
Discarding device blocks: done                            
Creating filesystem with 3718272 4k blocks and 930240 inodes
Filesystem UUID: 6a1a0694-8196-4724-a58d-edde1f189b31
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done   

# mount /dev/mmcblk0p2 /mnt
# tar xfz ~/pi.tgz -C /mnt --no-selinux

A uma ona tatala mea o loʻo i totonu o le vaeluaga o aʻa, ua oʻo i le taimi e fai ai ni suiga i ai.

Taofi le SELinux i totonu /mnt/etc/selinux/config:

SELINUX=disabled

Fa'atonu /mnt/etc/fstab, tuʻu ai naʻo le lua faʻamatalaga e uiga i vaeluaga: taʻavale (/boot, leai ni suiga) ma aʻa (matou te suia le tau o le UUID, lea e mafai ona maua i le suʻesuʻeina o le gaioiga o le blkid command i Linux):

UUID=6a1a0694-8196-4724-a58d-edde1f189b31  /     ext4    defaults,noatime 0 0
UUID=6938-F4F2                             /boot vfat    defaults,noatime 0 0

Ma le mea mulimuli, matou te suia le kernel boot parameters: matou te faʻamaonia se nofoaga fou mo le vaeluaga o aʻa, faʻamalo le gaioiga o faʻamatalaga faʻamatalaga ma (filifiliga) faʻasaina le fatu mai le tuʻuina atu o tuatusi IPv6 i luga o fesoʻotaʻiga fesoʻotaiga:

# cd
# umount /mnt
# mount /dev/mmcblk0p1 /mnt

O le anotusi lea /mnt/cmdline.txt i le fomu nei (tasi laina e aunoa ma ni fa'ailoga):

root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait quiet ipv6.disable_ipv6=1

Ua faia:

# cd
# umount /mnt
# sync

Matou te toe faʻatulagaina le microSD i totonu o le "raspberry", faʻalauiloa ma maua le fesoʻotaʻiga i luga ole ssh (root/centos).

2. Faʻatulagaina CentOS

O gaioiga muamua e tolu e le maluelue: sese, yum -y faʻafouina, toe toe fai.

Matou te tuʻuina atu le pulega o fesoʻotaʻiga networkd:

# yum install systemd-networkd
# systemctl enable systemd-networkd
# systemctl disable NetworkManager
# chkconfig network off

Fausia se faila (fa'atasi ma fa'amaumauga) /etc/systemd/network/eth0.network:

[Match]
Name=eth0

[Network]
DHCP=ipv4

Matou te toe faʻafouina le "raspberry" ma toe maua le fesoʻotaʻiga i luga ole ssh (e ono suia le tuatusi IP). Faʻalogo lelei i mea e faʻaaogaina /etc/resolv.conf, na faia muamua e le Network Manager. O le mea lea, i le tulaga o faʻafitauli i le fofo, faʻasaʻo mea o loʻo i totonu. Fa'aoga systemd-iugafono matou te le.

Matou te aveese le "le tatau", toe faʻaleleia ma faʻavave le utaina o le OS:

# systemctl set-default multi-user.target
# yum remove GeoIP Network* aic* alsa* cloud-utils-growpart 
  cronie* dhc* firewal* initscripts iwl* kexec* logrotate 
  postfix rsyslog selinux-pol* teamd wpa_supplicant

O ai e mana'omia cron ma o ai e le fa'aluina le mea ua fausia i totonu systemd timers, e mafai ona faʻamautu mea o loʻo misi. / var / log- ma vaʻavaʻai tusi faʻasalalau. Afai e te manaʻomia le tala faʻasolopito (e ala i le faaletonu, o faʻamatalaga e teuina naʻo le taimi e amata ai le polokalama):

# mkdir /var/log/journal
# systemd-tmpfiles --create --prefix /var/log/journal
# systemctl restart systemd-journald
# vi /etc/systemd/journald.conf

Fa'agata le fa'aogaina o le IPv6 e ala i auaunaga fa'avae (pe a mana'omia)/ etc / ssh / sshd_config:

AddressFamily inet

/etc/sysconfig/chronyd:

OPTIONS="-4"

O le taua o le taimi i luga o le "rasberi" o se mea taua. Talu ai i fafo o le atigipusa e leai se mea e mafai ai ona faʻasaoina le tulaga o loʻo i ai nei o le uati pe a toe faʻafouina, e manaʻomia le faʻamaopoopoina. O se daemon lelei tele ma vave mo lenei mea chrony - ua uma ona faʻapipiʻi ma amata otometi. E mafai ona e suia le NTP servers i mea lata ane.

/etc/chrony.conf:

server 0.ru.pool.ntp.org iburst
server 1.ru.pool.ntp.org iburst
server 2.ru.pool.ntp.org iburst
server 3.ru.pool.ntp.org iburst

Ina ia seti le sone taimi o le a matou faʻaaogaina togafiti. Talu ai o la matou sini o le fatuina lea o se alalaupapa Wi-Fi o loʻo faʻaogaina i laina 5GHz, o le a matou sauniuni muamua mo mea faʻateʻia. tagata faʻatonu:

# yum info crda
Aotelega: Daemon tausisia tulafono faatonutonu mo 802.11 upegatafa'ilagi uaealesi

O lenei mamanu leaga, e faʻavae foi i luga o le sone taimi, "faʻasaina" le faʻaogaina (i Rusia) o laina 5GHz ma alalaupapa ma numera "maualuga". O le togafiti o le setiina o se sone taimi e aunoa ma le faʻaaogaina o igoa o konetineta/aai, o lona uiga, nai lo:

# timedatectl set-timezone Europe/Moscow

Matou te oomi:

# timedatectl set-timezone Etc/GMT-3

Ma o le paʻi mulimuli i le lauulu o le faiga:

# hostnamectl set-hostname router

/root/.bash_profile:

. . .

# User specific environment and startup programs

export PROMPT_COMMAND="vcgencmd measure_temp"
export LANG=en_US.UTF-8
export PATH=$PATH:$HOME/bin

3. CentOS Add-ons

O mea uma na taʻua i luga e mafai ona mafaufauina faʻatonuga atoatoa mo le faʻapipiʻiina o le "vanilla" CentOS i luga ole Raspberry Pi. E tatau ona e faʻaiʻu i se PC e (toe) faʻaofuofu i lalo ifo o le 10 sekone, faʻaaoga le itiiti ifo i le 15 Megabytes o le RAM ma le 1.5 Gigabytes o microSD (e moni lava e itiiti ifo i le 1 Gigabyte ona o le le atoatoa /faʻa, ae ia tatou faʻamaoni).

Ina ia faʻapipiʻi le Wi-Fi access point software i luga o lenei faiga, e te manaʻomia le faʻalauteleina o le gafatia o le tufatufaina masani CentOS. Muamua lava, seʻi o tatou faʻaleleia le avetaavale (firmware) o le faʻapipiʻi Wi-Fi ua fausia. Fai mai le itulau autu o le poloketi:

Wifi i luga ole Raspberry 3B ma le 3B+

Ole Raspberry PI 3B/3B+ firmware faila e le faʻatagaina ona tufatufaina e le CentOS Project. E mafai ona e faʻaogaina tala nei e malamalama ai i le mataupu, maua le firmware ma seti le wifi.

O mea e faʻasaina i le CentOS poloketi e le faʻasaina ia i matou mo le faʻaoga patino. Matou te suia le faʻasalalauga Wi-Fi firmware i CentOS faʻatasi ma le tutusa mai le Broadcom developers (o na mea e tasi e ita i le binary blobs ...). O lenei, aemaise lava, o le a faʻatagaina oe e faʻaaoga AC i le auala avanoa.

Fa'afouina le firmware Wi-FiSu'e le fa'ata'ita'iga o le masini ma le version firmware o lo'o iai nei:

# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Mar  1 2015 07:29:38 version 7.45.18 (r538002) FWID 01-6a2c8ad4
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 7.14.8 Compiler: 1.24.9 ClmImport: 1.24.9 Creation: 2014-09-02 03:05:33 Inc Data: 7.17.1 Inc Compiler: 1.26.11 Inc ClmImport: 1.26.11 Creation: 2015-03-01 07:22:34

Matou te vaʻaia o le firmware version o le 7.45.18 aso 01.03.2015/XNUMX/XNUMX, ma manatua le seti o numera nei: 43455 (brcmfmac43455-sdio.bin).

Tikia le ata Raspbian o iai nei. E mafai e tagata paie ona tusi le ata i microSD ma ave faila ma le firmware mai iina. Pe mafai foi ona e faʻapipiʻi le aʻa o le ata i Linux ma kopi mea e te manaʻomia mai iina:

# wget https://downloads.raspberrypi.org/raspbian_lite_latest
# unzip -p raspbian_lite_latest > raspbian.img
# fdisk -l raspbian.img
Disk raspbian.img: 2 GiB, 2197815296 bytes, 4292608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x17869b7d

Device        Boot  Start     End Sectors  Size Id Type
raspbian.img1        8192  532480  524289  256M  c W95 FAT32 (LBA)
raspbian.img2      540672 4292607 3751936  1.8G 83 Linux

# mount -t ext4 -o loop,offset=$((540672 * 512)) raspbian.img /mnt
# cp -fv /mnt/lib/firmware/brcm/*43455* ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.bin' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.txt' -> ...
# umount /mnt

O le taunuuga o le Wi-Fi adapter firmware faila e tatau ona kopiina ma suia i le "rasberi" i totonu o le lisi /usr/lib/firmware/brcm/

Matou te toe faʻafouina le telefoni i le lumanaʻi ma ataata fiafia:

# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Feb 27 2018 03:15:32 version 7.45.154 (r684107 CY) FWID 01-4fbe0b04
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 9.10.105 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2018-03-09 18:56:28

Fa'aliliuga: 7.45.154 aso 27.02.2018/XNUMX/XNUMX.

Ma o le mea moni EPEL:

# cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Epel rebuild for armhfp
baseurl=https://armv7.dev.centos.org/repodir/epel-pass-1/
enabled=1
gpgcheck=0
EOF

# yum clean all
# rm -rfv /var/cache/yum
# yum update

4. Feso'ota'iga feso'ota'iga ma lu'itau i luma atu

E pei ona matou malilie i luga, o le "raspberry" e fesoʻotaʻi i le "uaea" i le upega tafaʻilagi. Seʻi tatou faʻapea o loʻo tuʻuina atu e le 'auʻaunaga le Initaneti i le auala lava e tasi: o le tuatusi i luga o fesoʻotaʻiga lautele e tuʻuina atu ma le malosi e le DHCP server (atonu o le MAC fusifusia). I lenei tulaga, pe a maeʻa le seti mulimuli o le rasipi, naʻo lou manaʻomia e "faʻapipiʻi" le uaea a le kamupani ma ua maeʻa. Fa'atagaina e fa'aaoga systemd-networkd - le autu o se tala ese ma e le o talanoaina iinei.

O le feso'ota'iga Wi-Fi a Raspberry ose feso'ota'iga fa'apitonu'u, ma o le feso'ota'iga Ethernet fa'apipi'iina (eth0) o lo'o i fafo. Se'i tatou faanumeraina le feso'ota'iga fa'apitonu'u, fa'ata'ita'iga: 192.168.0.0/24. Ituaiga Raspei: 192.168.0.1. O le DHCP server o le a galue i luga o fesoʻotaʻiga i fafo (Initaneti).

Fa'aigoaina Fa'afitauli Tulaga и tagata fa'akomepiuta ta'uta'ua Kuatemala - lua faʻafitauli o loʻo faʻatali i soʻo se tasi e faʻapipiʻi fesoʻotaʻiga fesoʻotaʻiga ma auaunaga i faʻasalalauga systemd.

Gagana tutusaUa tuufaatasia e Lennart Pottering lana lava polokalame faatulagaga Lelei tele. Lenei faatulagaga e vave fa'alauiloa isi polokalame, e le'i maua se taimi e toe fa'afo'i mai ai le fa'aili a le laufali, e tautevateva ma pa'u i le amataga e aunoa ma le amataina o le latou ala fa'alavelave.

Ae o le mea e sili ona taua, o le tuʻufaʻatasiga malosi o faiga faʻalauiloa i le amataga o le systemd OS o se ituaiga o "alalaupapa asini" mo tagata tomai faʻapitoa LSB faʻasolosolo. O le mea e lelei ai, o le faʻatonuina o lenei "gaogao tutusa" e foliga mai e faigofie, e ui lava e le o taimi uma e iloa ai.

Matou te fatuina ni fesoʻotaʻiga alalaupapa vaʻaia se lua ma igoa faifai pea: lan и wan. Matou te "faʻafesoʻotaʻi" le Wi-Fi adapter (s) i le muamua, ma le eth0 "raspberry" i le lona lua.

/etc/systemd/network/lan.netdev:

[NetDev]
Name=lan
Kind=bridge

/etc/systemd/network/lan.network:

[Match]
Name=lan

[Network]
Address=192.168.0.1/24
IPForward=yes

/etc/systemd/network/wan.netdev: 

[NetDev]
Name=wan
Kind=bridge
#MACAddress=xx:xx:xx:xx:xx:xx

/etc/systemd/network/wan.network:

[Match]
Name=wan

[Network]
DHCP=ipv4
IPForward=yes

IPForward=ioe aveese le manaʻoga e faʻailoa i le fatu e ala i le sysctl e mafai ai le faʻaogaina.
MACAddress= Se'i o tatou fa'ailoa ma sui pe a mana'omia.

Muamua matou te "fesoʻotaʻi" eth0. Matou te manatua le "faʻafitauli tutusa" ma faʻaaoga naʻo le tuatusi MAC o lenei atinaʻe, lea e mafai ona maua, mo se faʻataʻitaʻiga, pei o lenei:

# cat /sys/class/net/eth0/address

Tatou te fatuina /etc/systemd/network/eth.network: 

[Match]
MACAddress=b8:27:eb:xx:xx:xx

[Network]
Bridge=wan

Matou te tapeina le faila faʻatulagaina muamua eth0, toe faʻafou le Raspberry ma maua le fesoʻotaʻiga fesoʻotaʻiga i ai (o le tuatusi IP e ono suia):

# rm -fv /etc/systemd/network/eth0.network
# reboot

5.DNSMASQ

Mo le faia o avanoa Wi-Fi, e leai se mea e sili atu nai lo se lua suamalie dnsmasq + hostapd e le'i iloa lava. I lo'u manatu.

Ina ne'i galo se tasi, ona...hostapd - o le mea lea e pulea ai le Wi-Fi adapters (aemaise lava, o le a tausia lelei le faʻafesoʻotaʻi i latou i le virtual lan "raspberries"), fa'atagaina ma resitaraina tagata fa'atau uaealesi.

dnsmasq - faʻapipiʻi le faʻaputuga o fesoʻotaʻiga o tagata faʻatau: faʻasalalau tuatusi IP, faʻaumau DNS, faitotoa faʻaletonu ma faʻafiafiaga tutusa.

Tatou amata i le dnsmasq:

# yum install dnsmasq

Mamanu /etc/resolv.conf:

nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 77.88.8.8
nameserver 77.88.8.1
domain router.local
search router.local

teuteu i lou fiafia.

la'ititi /etc/dnsmasq.conf:

domain-needed
bogus-priv
interface=lan
bind-dynamic
expand-hosts
domain=#
dhcp-range=192.168.0.100,192.168.0.199,255.255.255.0,24h
conf-dir=/etc/dnsmasq.d

O le "magic" iinei o loo taoto i le parakalafa fusia-malosi, lea e taʻu atu i le dnsmasq daemon e faʻatali seʻia faʻaalia i luga o le polokalama interface=lan, ma e le matapogia ona o le mitamita o le tuua toatasi pe a mavae le amataga.

# systemctl enable dnsmasq
# systemctl start dnsmasq; journalctl -f

6. HOSTAPD

Ma le mea mulimuli, o faʻasalalauga faʻapitoa hostapd. Ou te le masalosalo o loʻo faitau e se tasi lenei tusiga e suʻe tonu nei laina taua.

Aʻo leʻi faʻapipiʻi le hostapd, e tatau ona e foia le "faafitauli tutusa". O le wlan0 adapter ua fausia i totonu e mafai ona faigofie ona suia lona igoa i le wlan1 pe a faʻafesoʻotaʻi isi masini Wi-Fi USB. O le mea lea, o le a matou faʻapipiʻiina igoa o fesoʻotaʻiga i le auala lenei: o le a matou o mai ma igoa tulaga ese mo mea faʻapipiʻi (uaea) ma fusifusia i latou i tuatusi MAC.

Mo le feso'ota'iga Wi-Fi ua fausia, o lo'o iai pea wlan0:

# cat /sys/class/net/wlan0/address 
b8:27:eb:xx:xx:xx

Tatou te fatuina /etc/systemd/network/wl0.link:

[Match]
MACAddress=b8:27:eb:xx:xx:xx

[Link]
Name=wl0

O lenei o le a tatou mautinoa lena mea wl0 - Lenei ua fausia i totonu o le Wi-Fi. Matou te toe faʻafouina le Raspberry e faʻamautinoa ai lenei mea.

Fa'apipi'i:

# yum install hostapd wireless-tools

Faiga faila /etc/hostapd/hostapd.conf:

ssid=rpi
wpa_passphrase=1234567890

channel=36

country_code=US

interface=wl0
bridge=lan

driver=nl80211

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

macaddr_acl=0

hw_mode=a
wmm_enabled=1

# N
ieee80211n=1
require_ht=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

# AC
ieee80211ac=1
require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
vht_oper_chwidth=1
vht_oper_centr_freq_seg0_idx=42

E aunoa ma se galo mo sina taimi Komiti Faalavelave a le Setete, Suia mea matou te manaʻomia ma siaki ma le lima mo galuega:

# hostapd /etc/hostapd/hostapd.conf

hostapd o le a amata i le fefaʻatauaʻiga, faʻasalalau lona tulaga i le faʻamafanafanaga. Afai e leai ni mea sese, ona mafai lea e tagata o loʻo lagolagoina le AC mode ona faʻafesoʻotaʻi i le nofoaga avanoa. E taofi le hostapd - Ctrl-C.

Pau lava le mea o loʻo totoe o le mafai lea o le hostapd i le amataga o le polokalama. Afai e te faia le mea masani (systemctl enable hostapd), a maeʻa le isi toe faʻafouina e mafai ona e maua se temoni "taʻavale i le toto" ma le suʻesuʻega "e le maua le interface wl0". O se taunuuga o le "gaogao tutusa," na amata vave ai le hostapd nai lo le fatu na maua ai le adapter wireless.

Ua tumu le Initaneti i vaifofo: mai se taimi fa'amalosi a'o le'i amataina le daemon (ni nai minute), i le isi daemon e mata'ituina foliga o le atina'e ma (toe) amata le hostpad. O fofo e fai lava si aoga, ae matua mataga. Matou te valaau atu i le sili mo se fesoasoani faatulagaga ma ona "sini" ma "galuega" ma "faalagolago".

Kopi le faila o auaunaga tufa i /etc/systemd/system/hostapd.service:

# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system

ma fa'aitiitia mea o lo'o i totonu i le fa'ailoga nei:

[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl0.device
BindsTo=sys-subsystem-net-devices-wl0.device

[Service]
Type=forking
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B

[Install]
WantedBy=sys-subsystem-net-devices-wl0.device

O le togafiti faʻafouga o le faila o le tautua o loʻo taoto i le faʻamalosia malosi o le hostapd i le sini fou - le wl0 interface. A faʻaalia le faʻaoga, e amata le daemon; pe a mou atu, e taofi. Ma o nei mea uma i luga ole laiga - e aunoa ma le toe faʻafouina o le faiga. O lenei metotia o le a sili ona aoga pe a faʻafesoʻotaʻi se USB Wi-Fi adapter i se Raspberry.

O lea e mafai ona e:

# systemctl enable hostapd
# reboot

7. IPTABLES

“A a???” © Ioe, ioe! Leai faatulagaga. Leai ni fa'afefiloi fou (i le fomu firewalld), lea e iu lava ina faia le mea lava e tasi.

Tatou fa'aoga le mea tuai lelei iptables, o ana auaunaga, pe a uma ona amata, o le a faʻapipiʻiina tulafono o fesoʻotaiga i totonu o le fatu ma tapuni filemu e aunoa ma le nofomau ma aunoa ma le faʻaaogaina o punaoa. systemd ei ai se aulelei IPMasquerade=, ae o le a matou tuʻuina atu le faʻaliliuga tuatusi (NAT) ma le pa puipui i iptables.

Fa'apipi'i:

# yum install iptables-services
# systemctl enable iptables ip6tables

Ou te manaʻo e teu le iptables configuration o se tusitusiga (faʻataʻitaʻiga):

#!/bin/bash

#
# Disable IPv6
#
ip6tables --flush
ip6tables --delete-chain

ip6tables --policy INPUT   DROP
ip6tables --policy FORWARD DROP
ip6tables --policy OUTPUT  DROP

ip6tables-save > /etc/sysconfig/ip6tables
systemctl restart ip6tables

#
# Cleaning
#
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

#
# Loopback, lan
#
iptables -A INPUT -i lo  -j ACCEPT
iptables -A INPUT -i lan -j ACCEPT

#
# Ping, Established
#
iptables -A INPUT -p icmp  --icmp-type echo-request    -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#
# NAT
#
iptables -t nat -A POSTROUTING -o wan -j MASQUERADE

#
# Saving
#
iptables-save > /etc/sysconfig/iptables
systemctl restart iptables

Matou te faʻatinoina le faʻamaumauga o loʻo i luga ma leiloa le malosi e faʻatuina ai fesoʻotaʻiga SSH fou ma le Raspei. E saʻo, ua matou faia se alalaupapa Wi-Fi, avanoa i ai "e ala i le Initaneti" e faʻasaina ona o le faaletonu - ua naʻo le "i luga o le ea". Matou te fa'afeso'ota'i le uaea Ethernet a le kamupani ma amata fa'ase'e!

8. Ponesi: +2,4GHz

Ina ua ou faʻapipiʻiina le muamua Raspberry router e faʻaaoga ai le ata o loʻo faʻamatalaina i luga, na ou mauaina le tele o gadgets i totonu o loʻu aiga, ona o latou tapulaʻa mamanu Wi-Fi, e le mafai ona vaʻaia le "rasipi". O le toe faʻaleleia o le alalaupapa e galue i le 802.11b / g / n e le faʻafefe, talu ai o le maualuga o le saoasaoa "i luga o le ea" i lenei tulaga e le sili atu i le 40 Mbit, ma o laʻu mea e sili ona fiafia i ai Initaneti e ofoina mai ia te aʻu le 100 (e ala i le cable).

O le mea moni, o se fofo i le faʻafitauli ua uma ona faia: o se fesoʻotaʻiga Wi-Fi lona lua o loʻo faʻaogaina i le taimi ole 2,4 GHz, ma se avanoa lona lua. I se faleoloa lata ane na ou le faatauina mai le muamua, ae o le USB Wi-Fi lona lua "faaili" na ou tau i ai. O le tagata faʻatau na faʻaleagaina e fesili e uiga i le kaseti, fesoʻotaʻiga ma fatu ARM Linux ma le avanoa e galue ai i le AP mode (o ia o le tagata muamua na amata).

Matou te faʻatulagaina le "faaili" e ala i le faʻatusa ma le faʻapipiʻi Wi-Fi ua fausia.

Muamua, se'i toe fa'aigoaina i wl1:

# cat /sys/class/net/wlan0/address 
b0:6e:bf:xx:xx:xx

/etc/systemd/network/wl1.link:

[Match]
MACAddress=b0:6e:bf:xx:xx:xx

[Link]
Name=wl1

O le a matou tuʻuina atu le pulega o le Wi-Fi fou fesoʻotaʻiga i se isi hostapd daemon, lea o le a amata ma taofi faʻalagolago i le i ai o se "puupuu" faʻamalamalamaina i totonu o le polokalama: wl1.

Faiga faila /etc/hostapd/hostapd2.conf:

ssid=rpi2
wpa_passphrase=1234567890

#channel=1
#channel=6
channel=11

interface=wl1
bridge=lan

driver=nl80211

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

macaddr_acl=0

hw_mode=g
wmm_enabled=1

# N
ieee80211n=1
require_ht=1
ht_capab=[HT40][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

O mea o loʻo i totonu o lenei faila e faʻalagolago saʻo i le faʻataʻitaʻiga o le USB Wi-Fi adapter, o lea e mafai ai ona e le maua se kopi / faʻapipiʻi.

Kopi le faila o auaunaga tufa i /etc/systemd/system/hostapd2.service:

# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system/hostapd2.service

ma fa'aitiitia mea o lo'o i totonu i le fa'ailoga nei:

[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl1.device
BindsTo=sys-subsystem-net-devices-wl1.device

[Service]
Type=forking
PIDFile=/run/hostapd2.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd2.conf -P /run/hostapd2.pid -B

[Install]
WantedBy=sys-subsystem-net-devices-wl1.device

Pau lava le mea e totoe o le faʻatagaina lea o se faʻataʻitaʻiga fou o le hostapd:

# systemctl enable hostapd2

Pau lava lena! Toso le "faaili" ma le "raspberry" lava ia, vaʻai i fesoʻotaʻiga uaealesi o loʻo siomia ai oe.

Ma le mea mulimuli, ou te fia lapataia oe e uiga i le tulaga lelei o le USB Wi-Fi adapter ma le mana o le Raspberry. Feso'ota'i "vevela fa'aili" e mafai i nisi taimi ona "aisa aisa" ona o fa'afitauli tau eletise mo taimi pupuu.

puna: www.habr.com

Faaopoopo i ai se faamatalaga