Waxaa jira xaddi aad u badan oo macluumaad ah oo ku saabsan internetka oo ku saabsan abuurista dhibcaha marinka Wi-Fi ee ku saleysan Raspberry kombuyuutar hal sax ah. Sida caadiga ah, tani waxay ka dhigan tahay isticmaalka nidaamka hawlgalka Raspbian ee u dhashay Raspberry.
Anigoo raacaya nidaamyada ku saleysan RPM, ma dhaafi karin mucjisadan yar mana isku dayi karin CentOS gacaliyahayga.
Maqaalku wuxuu bixiyaa tilmaamo lagu samaynayo 5GHz/AC Wi-Fi router ka Raspberry Pi 3 Model B+ oo ku salaysan nidaamka hawlgalka CentOS. Waxaa jiri doona dhowr farsamooyin heersare ah laakiin aan la aqoon, iyo gunno ahaan - sawir lagu xirayo qalab dheeri ah oo Wi-Fi ah Raspberry, taasoo u oggolaaneysa inay isku mar ku shaqeyso dhowr nooc (2,4 + 5GHz).
(isku dhafan sawirro si xor ah loo heli karo)
Aynu isla markiiba ogaano in qaar ka mid ah xawliyada cosmic aysan shaqayn doonin. Waxaan ku tuujiyaa ugu badnaan 100 Mbps ee Raspberry-ka hawada, tanina waxay dabooshaa xawaaraha bixiyahayga internetka. Maxaad ugu baahan tahay AC caajis ah, haddii aragti ahaan aad ku heli karto gigabit nus xitaa N? Haddii aad is weydiisay su'aashan, ka dibna u tag dukaanka si aad u iibsato router dhab ah oo leh siddeed anteeno dibadda ah.
0. Waxaad u baahan doontaa
- Dhab ahaantii, "alaabta raspberry" lafteedu waa caliber: Pi 3 Model B+ (si loo gaaro xawaaraha 5GHz ee la jecel yahay iyo kanaalada);
- microSD wanaagsan>= 4GB;
- Goobta shaqada ee Linux iyo microSD akhristaha/qoraa;
- Helitaanka xirfado ku filan Linux, maqaalku waa Geek tababbaran;
- Isku xirka shabakada (eth0) ee ka dhexeeya Raspberry iyo Linux, ku shaqeeya serverka DHCP ee shabakada maxaliga ah iyo helitaanka internetka ee labada qalab.
Faallo yar oo ku saabsan qodobka u dambeeya. "Kee baa hor yimid, ukunta ama..." sida loo sameeyo router Wi-Fi ah iyada oo aysan jirin wax qalab ah oo internetka ah? Aynu ka tagno layligan madadaalada leh meel ka baxsan baaxadda maqaalka oo aynu si fudud u qaadanno in Raspberryku uu ku xidhan yahay shabakadda maxaliga ah silig oo uu galo internetka. Xaaladdan oo kale, uma baahnaan doono TV dheeraad ah iyo manipulator si loo dejiyo "raspberry".
1. Ku rakib CentOS
Waqtiga qorista maqaalkan, nooca ku shaqeeya ee CentOS ee aaladda waa 32-bit. Meel ka mid ah Shabakadda Caalamiga ah ee Shabakadda Waxaan la kulmay fikrado ah in waxqabadka OS-yada noocan oo kale ah ee 64-bit ARM naqshadeynta la dhimay ilaa 20%. Waxaan ka tagi doonaa xilligan oo aan faallo.
Linux, kala soo bax sawirka ugu yar kernel-ka"-RaspberryPI-"oo u qor microSD:
# xzcat CentOS-Userland-7-armv7hl-RaspberryPI-Minimal-1810-sda.raw.xz |
dd of=/dev/mmcblk0 bs=4M
# sync
Kahor intaadan bilaabin isticmaalka sawirka, waxaan ka saari doonaa qaybta SWAP, waxaan ku ballaarin doonaa xididka dhammaan mugga la heli karo oo ka takhalusi doona SELinux. Algorithm waa mid fudud: ka samee nuqul ka mid ah xididka Linux, ka tirtir dhammaan qaybaha microSD marka laga reebo kan ugu horreeya (/boot), samee xidid cusub oo ka soo celi waxa ku jira nuqulka.
Tusaalaha ficilada loo baahan yahay (wax soo saarka console daran)
# mount /dev/mmcblk0p3 /mnt
# cd /mnt
# tar cfz ~/pi.tgz . --no-selinux
# cd
# umount /mnt
# parted /dev/mmcblk0
(parted) unit s
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
2 1370112s 2369535s 999424s primary linux-swap(v1)
3 2369536s 5298175s 2928640s primary ext4
5298176s 31116287s 25818112s Free Space
(parted) rm 3
(parted) rm 2
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
1370112s 31116287s 29746176s Free Space
(parted) mkpart
Partition type? primary/extended? primary
File system type? [ext2]? ext4
Start? 1370112s
End? 31116287s
(parted) set
Partition number? 2
Flag to Invert? lba
New state? on/[off]? off
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
63s 2047s 1985s Free Space
1 2048s 1370111s 1368064s primary fat32 boot, lba
2 1370112s 31116287s 29746176s primary ext4
(parted) quit
# mkfs.ext4 /dev/mmcblk0p2
mke2fs 1.44.6 (5-Mar-2019)
/dev/mmcblk0p2 contains a swap file system labelled '_swap'
Proceed anyway? (y,N) y
Discarding device blocks: done
Creating filesystem with 3718272 4k blocks and 930240 inodes
Filesystem UUID: 6a1a0694-8196-4724-a58d-edde1f189b31
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208
Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
# mount /dev/mmcblk0p2 /mnt
# tar xfz ~/pi.tgz -C /mnt --no-selinux
Ka dib markii la furayo waxa ku jira qaybta xididka, waa waqtigii isbedel lagu samayn lahaa.
Dami SELinux gudaha /mnt/etc/selinux/config:
SELINUX=disabled
Tafatirka /mnt/etc/fstab, iyada oo ku dhaafeysa laba qaybood oo keliya oo ku saabsan qaybaha: boot (/boot, wax isbeddel ah) iyo xidid (waxaan beddeleynaa qiimaha UUID, taas oo lagu ogaan karo iyada oo la baranayo wax soo saarka blkid ee Linux):
UUID=6a1a0694-8196-4724-a58d-edde1f189b31 / ext4 defaults,noatime 0 0
UUID=6938-F4F2 /boot vfat defaults,noatime 0 0
Ugu dambeyntiina, waxaan beddeleynaa cabbirrada kabaha kernel-ka: waxaan u cayimnaa meel cusub oo loogu talagalay qaybta xididka, curyaaminta wax soo saarka macluumaadka cilladaha iyo (ikhtiyaar ahaan) waxaan ka mamnuucnay kernel-ka inuu u qoondeeyo cinwaannada IPv6 ee is-dhexgalka shabakada:
# cd
# umount /mnt
# mount /dev/mmcblk0p1 /mnt
Waa kan nuxurka /mnt/cmdline.txt qaabkan soo socda (hal xariiq oo aan lahayn xaraf-xidhaale):
root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait quiet ipv6.disable_ipv6=1
La sameeyay:
# cd
# umount /mnt
# sync
Waxaan dib u habeyn ku sameyneynaa microSD-ga "raspberry", bilow oo waxaan ka helnaa marin u helka shabakadda ssh (xidid/centos).
2. Dejinta CentOS
Saddexda dhaq-dhaqaaq ee ugu horreeya ee aan gariirin: passwd, cusboonaysiinta yum-yada, dib u bilow.
Waxaan bixinaa maamulka shabakada isku xidhan:
# yum install systemd-networkd
# systemctl enable systemd-networkd
# systemctl disable NetworkManager
# chkconfig network off
Samee fayl (oo ay la socdaan hagaha) /etc/systemd/network/eth0.network:
[Match]
Name=eth0
[Network]
DHCP=ipv4
Waxaan dib u kicinay "raspberry" oo haddana waxaan helnaa marin u helka shabakada ssh (ciwaanka IP-ga ayaa laga yaabaa inuu isbedelo). U fiirso waxa la isticmaalo /etc/resolv.conf, oo uu hore u abuuray Maareeyaha Shabakadda. Sidaa darteed, haddii ay jiraan dhibaatooyin xagga xallinta, wax ka beddel waxa ku jira. Isticmaal nidaam lagu xaliyay ma yeeli doono.
Waxaan meesha ka saarnaa "aan loo baahnayn", hagaajinta iyo dardar gelinta OS:
# systemctl set-default multi-user.target
# yum remove GeoIP Network* aic* alsa* cloud-utils-growpart
cronie* dhc* firewal* initscripts iwl* kexec* logrotate
postfix rsyslog selinux-pol* teamd wpa_supplicant
Yaa u baahan text iyo yaa aan dheefshiidin waxa ku dhex jira
# mkdir /var/log/journal
# systemd-tmpfiles --create --prefix /var/log/journal
# systemctl restart systemd-journald
# vi /etc/systemd/journald.conf
Jooji isticmaalka IPV6 adeegyada aasaasiga ah (haddii loo baahdo)/ etc / ssh / sshd_config:
AddressFamily inet
/etc/sysconfig/chronyd:
OPTIONS="-4"
Ku habboonaanta waqtiga "raspberry" waa shay muhiim ah. Maadaama sanduuqa ka baxsan aysan jirin awood qalabeed si loo badbaadiyo xaaladda hadda ee saacadda marka dib loo bilaabo, isku-dubarid ayaa loo baahan yahay. Daemon aad u fiican oo degdeg ah tani waa taariikh dheer - mar hore la rakibay oo si toos ah u bilaabma. Waxaad u bedeli kartaa server-yada NTP kuwa kuugu dhow.
/etc/chrony.conf:
server 0.ru.pool.ntp.org iburst
server 1.ru.pool.ntp.org iburst
server 2.ru.pool.ntp.org iburst
server 3.ru.pool.ntp.org iburst
Si loo dejiyo aagga wakhtiga waxaan isticmaali doonaa khiyaano. Maadaama hadafkayagu yahay inaan abuurno router Wi-Fi ah oo ku shaqeeya 5GHz soo noqnoqda, waxaan horay u diyaarin doonaa waxyaabaha la yaabka leh nidaamiyaha:
# yum info crda
Soo koobid: Daemon u hoggaansanaanta sharciga ee 802.11 isku xirka wireless
Naqshaddan sharka leh, oo sidoo kale ku salaysan aagga wakhtiga, "waxay mamnuucday" isticmaalka (Ruushka) ee 5GHz iyo kanaalada leh nambarada "sare". Khiyaamada ayaa ah in la dejiyo aag wakhti iyada oo aan la isticmaalin magacyada qaaradaha/magaalooyinka, taas oo ah, halkii:
# timedatectl set-timezone Europe/Moscow
Waxaan riixeynaa:
# timedatectl set-timezone Etc/GMT-3
Iyo taabashooyinka ugu dambeeya ee timaha nidaamka:
# hostnamectl set-hostname router
/xidid/.bash_profile:
. . .
# User specific environment and startup programs
export PROMPT_COMMAND="vcgencmd measure_temp"
export LANG=en_US.UTF-8
export PATH=$PATH:$HOME/bin
3. Ku-darka CentOS
Wax kasta oo kor lagu sheegay waxaa loo tixgelin karaa tilmaamo dhammaystiran oo loogu rakibayo "vanilla" CentOS Raspberry Pi. Waa inaad ku dhammaataa PC-ga (dib u) kabaha wax ka yar 10 ilbiriqsi, isticmaalaya wax ka yar 15 Megabytes ee RAM iyo 1.5 Gigabyte oo microSD ah (dhab ahaantii wax ka yar 1 Gigabyte sababtoo ah aan dhamaystirnayn / kabaha, laakiin aan run sheegno).
Si aad ugu rakibto software-ka marinka Wi-Fi ee nidaamkan, waxaad u baahan doontaa inaad xoogaa kordhiso awoodaha qaybinta heerka CentOS. Ugu horeyn, aan cusboonaysiinno darawalka (firmware) ee ku dhex-jira Wi-Fi adabtarada. Bogga guriga mashruuca wuxuu leeyahay:
Wifi ku yaal Raspberry 3B iyo 3B+
Raspberry PI 3B/3B+ faylasha firmware looma oggola inay qaybiyaan Mashruuca CentOS. Waxaad isticmaali kartaa maqaallada soo socda si aad u fahamto arrinta, u hesho firmware oo aad u dejiso wifi-ga.
Waxa mamnuuc ka ah mashruuca CentOS nagama mamnuucayo isticmaalka shakhsi ahaaneed. Waxaan ku bedelnaa qaybinta Wi-Fi firmware gudaha CentOS mid u dhiganta ka soosaarayaasha Broadcom (kuwa la neceb yahay binary blobs...). Tani, gaar ahaan, waxay kuu ogolaaneysaa inaad u isticmaasho AC habka marinka marinka.
cusboonaysiinta Wi-Fi firmwareSoo hel qaabka aaladda iyo nooca firmware-ka hadda:
# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Mar 1 2015 07:29:38 version 7.45.18 (r538002) FWID 01-6a2c8ad4
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 7.14.8 Compiler: 1.24.9 ClmImport: 1.24.9 Creation: 2014-09-02 03:05:33 Inc Data: 7.17.1 Inc Compiler: 1.26.11 Inc ClmImport: 1.26.11 Creation: 2015-03-01 07:22:34
Waxaan aragnaa in nooca firmware-ka uu yahay 7.45.18 ee ku taariikhaysan 01.03.2015/XNUMX/XNUMX, oo xasuuso tirooyinka soo socda: 43455 (brcmfmac43455-sdio.bin).
# wget https://downloads.raspberrypi.org/raspbian_lite_latest
# unzip -p raspbian_lite_latest > raspbian.img
# fdisk -l raspbian.img
Disk raspbian.img: 2 GiB, 2197815296 bytes, 4292608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x17869b7d
Device Boot Start End Sectors Size Id Type
raspbian.img1 8192 532480 524289 256M c W95 FAT32 (LBA)
raspbian.img2 540672 4292607 3751936 1.8G 83 Linux
# mount -t ext4 -o loop,offset=$((540672 * 512)) raspbian.img /mnt
# cp -fv /mnt/lib/firmware/brcm/*43455* ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.bin' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.txt' -> ...
# umount /mnt
Faylasha firmware-ka adabtarada Wi-Fi ee soo baxay waa in la koobiyay oo lagu beddelaa "raspberry" tusaha. /usr/lib/firmware/brcm/
Waxaan dib u kicinay routerka mustaqbalka waxaanan dhoola cadeyneynaa:
# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Feb 27 2018 03:15:32 version 7.45.154 (r684107 CY) FWID 01-4fbe0b04
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 9.10.105 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2018-03-09 18:56:28
Version: 7.45.154 ee 27.02.2018/XNUMX/XNUMX.
Iyo dabcan EPEL:
# cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Epel rebuild for armhfp
baseurl=https://armv7.dev.centos.org/repodir/epel-pass-1/
enabled=1
gpgcheck=0
EOF
# yum clean all
# rm -rfv /var/cache/yum
# yum update
4. Habaynta shabakada iyo caqabadaha soo socda
Sida aan kor ku heshiinay, "raspberry" waxay ku xiran tahay "silig" shabakada degaanka. Aynu ka soo qaadno in bixiyaha uu si isku mid ah u bixiyo gelitaanka Internetka: ciwaanka shabkada dadwaynaha waxa si firfircoon u soo saaray serverka DHCP Xaaladdan oo kale, ka dib dejinta ugu dambeysa ee raspberry, kaliya waxaad u baahan tahay inaad "ku xirto" fiilada bixiyaha oo aad dhammayso. Oggolaanshaha la isticmaalayo systemd-networked - mawduuca maqaal gaar ah oo aan halkan lagaga hadlin.
Interface(yada) Raspberry's Wi-Fi waa shabakad maxalli ah, iyo adabtarada ku dhex dhisan Ethernet (eth0) waa dibadda. Aynu tiro ahaan u tirinno shabakada maxaliga ah, tusaale ahaan: 192.168.0.0/24. Ciwaanka raspberry: 192.168.0.1. Adeegga DHCP wuxuu ka shaqayn doonaa shabakadda dibadda (Internet).
Qalalaasaha is-barbar socdaLennart Pottering ayaa soo diyaarisay barnaamijkeeda systemd Aad u wanaagsan. Tani systemd waxa uu si degdeg ah u bilaabaa barnaamijyo kale oo iyaga oo aan wakhti u helin in ay ka soo kabtaan dharbaaxadii garsooraha ee seeriga, ay ku turunturoodaan oo ay dhacaan bilowga iyaga oo aan xitaa bilaabin koorsadooda caqabadda ah.
Laakin si dhab ah, isbarbardhigga gardarada leh ee hababka la bilaabay bilawga nidaamka OS-gu waa nooc ka mid ah "buundada dameeraha" ee khubarada xilliyada leh ee LSB. Nasiib wanaag, keenista nidaamkan "qalalaasaha isbarbar socda" waxay noqotaa mid fudud, in kasta oo aan had iyo jeer muuqan.
Waxaan abuurnaa laba isdhexgal buundada casriga ah oo leh magacyo joogto ah: Lan ΠΈ wan. Waxa aanu βku xidhi doonaaβ adabtarada Wi-Fi ka hore, iyo eth0 βraspberryβ ka labaad.
/etc/systemd/network/lan.netdev:
[NetDev]
Name=lan
Kind=bridge
/etc/systemd/network/lan.network:
[Match]
Name=lan
[Network]
Address=192.168.0.1/24
IPForward=yes
/etc/systemd/network/wan.netdev:
[NetDev]
Name=wan
Kind=bridge
#MACAddress=xx:xx:xx:xx:xx:xx
/etc/systemd/network/wan.network:
[Match]
Name=wan
[Network]
DHCP=ipv4
IPForward=yes
IPForward=haa waxay meesha ka saaraysaa baahida loo qabo in lagu tilmaamo kernel-ka iyada oo loo marayo sysctl si ay awood ugu yeelato dajinta.
MACAdresse= Aynu ka faalloonno oo beddelno haddii loo baahdo.
Marka hore waxaan "isku xireynaa" eth0. Waxaan xasuusannahay "dhibaatada labbiska" waxaana isticmaalnaa kaliya cinwaanka MAC ee interface-kan, kaas oo laga heli karo, tusaale ahaan, sidan oo kale:
# cat /sys/class/net/eth0/address
Waxaan abuurnaa /etc/systemd/network/eth.network:
[Match]
MACAddress=b8:27:eb:xx:xx:xx
[Network]
Bridge=wan
Waxaan tirtirnaa qaabeyntii hore ee eth0, dib-u-bilow Raspberry-ka oo aan helnaa shabakadeeda (cinwaanka IP-gu waxay u badan tahay inuu isbedeli doono):
# rm -fv /etc/systemd/network/eth0.network
# reboot
5.DNSMASQ
Samaynta dhibcaha gelitaanka Wi-Fi, waxba kama garaaco lamaane macaan DNSmasq + la haysto weli ma garan. Fikradeyda.
Haddii qof uu ilaawo, markaas...
Aan ku bilowno dnsmasq:
# yum install dnsmasq
Tusaale /etc/resolv.conf:
nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 77.88.8.8
nameserver 77.88.8.1
domain router.local
search router.local
u tafatir si aad jeceshahay.
ugu yar /etc/dnsmasq.conf:
domain-needed
bogus-priv
interface=lan
bind-dynamic
expand-hosts
domain=#
dhcp-range=192.168.0.100,192.168.0.199,255.255.255.0,24h
conf-dir=/etc/dnsmasq.d
"Sixirka" halkan waxa uu ku yaalaa xadka xidhid-dhaqaale, kaas oo u sheegaya dnsmasq daemon inuu sugo ilaa uu ka soo muuqdo nidaamka interface=lan, oo aanad ka daalin kalinnimada kibirka ee bilawga ka dib.
# systemctl enable dnsmasq
# systemctl start dnsmasq; journalctl -f
6. HOSTAPD
Ugu dambayntiina, qaabaynta sixirka hostapd. Shaki iigama jiro in qof akhrinayo maqaalkan isagoo raadinaya si sax ah khadadkan qaaliga ah.
Kahor intaadan rakibin hostapd, waxaad u baahan tahay inaad ka gudubto "dhibaatada labbiska". Adabtarka Wi-Fi ee ku dhex jira wlan0 wuxuu si fudud u bedeli karaa magaciisa wlan1 marka la isku xidho qalab dheeri ah oo USB Wi-Fi ah. Sidaa darteed, waxaan u hagaajin doonaa magacyada interface ee habka soo socda: waxaan la imaan doonaa magacyo gaar ah oo loogu talagalay adapters-ka (wireless) oo ku xidhi doona cinwaannada MAC.
Ku-dhismay adabtarada Wi-Fi, kaas oo wali wlan0:
# cat /sys/class/net/wlan0/address
b8:27:eb:xx:xx:xx
Waxaan abuurnaa /etc/systemd/network/wl0.link:
[Match]
MACAddress=b8:27:eb:xx:xx:xx
[Link]
Name=wl0
Hadda waan hubin doonnaa taas wl0 - Kani waa Wi-Fi ku dhex-dhisan. Waxaan dib u kicinay Raspberry-ka si aan taas u hubinno.
Ku rakib:
# yum install hostapd wireless-tools
Faylka qaabaynta /etc/hostapd/hostapd.conf:
ssid=rpi
wpa_passphrase=1234567890
channel=36
country_code=US
interface=wl0
bridge=lan
driver=nl80211
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
macaddr_acl=0
hw_mode=a
wmm_enabled=1
# N
ieee80211n=1
require_ht=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
# AC
ieee80211ac=1
require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
vht_oper_chwidth=1
vht_oper_centr_freq_seg0_idx=42
Adiga oo aan ilaawin cabbaar
# hostapd /etc/hostapd/hostapd.conf
hostapd wuxuu ku bilaaban doonaa qaab is dhexgal ah, isagoo u baahin doona xaaladiisa console-ka. Haddii aysan jirin khaladaad, markaa macaamiisha taageera qaabka AC waxay awoodi doonaan inay ku xirmaan barta gelitaanka. Si loo joojiyo hostapd - Ctrl-C.
Waxa hadhay oo dhan waa in la awood siiyo hostapd bilowga nidaamka. Haddii aad sameyso shayga caadiga ah (systemctl karti hostapd), ka dib dib-u-kicinta soo socota waxaad heli kartaa jinni "dhiig ku soo qulqulaya" oo leh ogaanshaha "interface wl0 lama helin" Natiijadii "qalalaasaha isbarbar-dhigga," hostapd wuxuu ku bilowday si ka dhaqso badan marka loo eego kernel-ka uu helay adabtarada wireless-ka.
Internetku waxa ka buuxa dawooyin: laga bilaabo wakhtiga khasabka ah ka hor inta aanad bilaabin daemon (dhowr daqiiqo), ilaa daemon kale oo kormeeraya muuqaalka interface-ka oo (dib u) bilaabaya hostpad-ka. Xalalka waa kuwo la shaqayn karo, laakiin aad u fool xun. Waxaan ugu yeereynaa midka weyn caawimaad systemd oo leh "Himilooyin" iyo "hawlaha" iyo "ku-tiirsanaanta".
Ku koobbi faylka adeegga qaybinta /etc/systemd/system/hostapd.service:
# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system
kuna dhimo waxa ku jira qaabkan soo socda:
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl0.device
BindsTo=sys-subsystem-net-devices-wl0.device
[Service]
Type=forking
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B
[Install]
WantedBy=sys-subsystem-net-devices-wl0.device
Sixirka faylka adeegga ee la cusboonaysiiyay wuxuu ku jiraa ku-xidhka firfircoon ee hostapd bartilmaameedka cusub - wl0 interface. Marka interface-ku soo baxo, daemon-ku wuu bilaabmaa; markuu baaba'o, wuu joogsadaa. Oo tan oo dhan waa online - iyada oo aan dib loo bilaabin nidaamka. Farsamadan waxay si gaar ah faa'iido u yeelan doontaa marka la isku xidho adabtarada USB Wi-Fi iyo Raspberry.
Hadda waxaad awoodaa:
# systemctl enable hostapd
# reboot
7. IPTABLES
"Waa maxay???" Β© Haa, haa! Midna systemd. Ma jiraan wax cusub oo la isku daray (qaabka dab-damis), kaas oo ku dhameeya samaynta wax la mid ah.
Aan isticmaalno kii hore ee wanaagsan Iptables, kuwaas oo adeegyadoodu, ka dib bilawga, ay ku shubi doonaan xeerarka shabakada kernel-ka oo si aamusnaan ah u xidhi doona iyada oo aan deganayn oo aan isticmaalin agabka. systemd waxa uu leeyahay xarrago leh IPMasquerade=, laakiin waxaan wali ku aamini doonaa turjumaada cinwaanka (NAT) iyo firewall iptables.
Ku rakib:
# yum install iptables-services
# systemctl enable iptables ip6tables
Waxaan doorbidayaa inaan u kaydiyo qaabaynta iptables qoraal ahaan (tusaale):
#!/bin/bash
#
# Disable IPv6
#
ip6tables --flush
ip6tables --delete-chain
ip6tables --policy INPUT DROP
ip6tables --policy FORWARD DROP
ip6tables --policy OUTPUT DROP
ip6tables-save > /etc/sysconfig/ip6tables
systemctl restart ip6tables
#
# Cleaning
#
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
#
# Loopback, lan
#
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i lan -j ACCEPT
#
# Ping, Established
#
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# NAT
#
iptables -t nat -A POSTROUTING -o wan -j MASQUERADE
#
# Saving
#
iptables-save > /etc/sysconfig/iptables
systemctl restart iptables
Waxaan fulinaa qoraalka sare waxaanan luminaa awooda aan ku samaynayno xidhidhyo SSH cusub oo fiilsan Raspberry-ka. Taasi waa sax, waxaanu samaynay Wi-Fi router, marin u helka kaas oo "internetka" laga mamnuucay asal ahaan - hadda kaliya "hawada". Waxaan isku xireynaa fiilo bixiyaha bixiyaha waxaanan bilownay surfing!
8. Bonus: +2,4GHz
Markii aan ururiyay router-kii ugu horreeyay ee Raspberry-ka aniga oo isticmaalaya sawirka kore ee lagu sharraxay, waxaan gurigayga ka helay tiro qalabyo ah oo, xaddidaaddooda naqshadeynta Wi-Fi awgeed, aysan arki karin "raspberry" gabi ahaanba. Dib-u-habaynta router-ka si uu ugu shaqeeyo 802.11b/g/n wuxuu ahaa mid aan isboorti ahayn, maadaama xawaaraha ugu badan ee "hawada" kiiskani aanu ka badnayn 40 Mbit, iyo bixiyaha internetka ee aan jeclahay ayaa i siiya 100 (oo loo sii marayo fiilada).
Dhab ahaantii, xalinta dhibaatada ayaa mar hore la hindisay: Wi-Fi interface labaad oo ku shaqeeya inta jeer ee 2,4 GHz, iyo barta gelitaanka labaad. Meel u dhow ma aanan iibsan kii ugu horreeyay, laakiin USB-ga labaad ee Wi-Fi βfiririβ ayaan la kulmay. Iibiyaha ayaa lagu dhibay su'aalo ku saabsan Chipset-ka, ku habboonaanta ARM Linux kernels iyo suurtagalnimada in uu ku shaqeeyo qaabka AP (wuxuu ahaa kii ugu horreeyay ee bilaabay).
Waxaan u habaynaynaa "firiri" anagoo isbarbar dhig ku samaynayna adabtarada Wi-Fi ee ku dhex dhisan.
Marka hore aan u magacowno wl1:
# cat /sys/class/net/wlan0/address
b0:6e:bf:xx:xx:xx
/etc/systemd/network/wl1.link:
[Match]
MACAddress=b0:6e:bf:xx:xx:xx
[Link]
Name=wl1
Waxaan ku aamini doonaa maamulka Wi-Fi-ga cusub ee daemon hostapd gaar ah, kaas oo bilaabi doona oo joojin doona iyadoo ku xiran jiritaanka "firiri" si adag loo qeexay ee nidaamka: wl1.
Faylka qaabaynta /etc/hostapd/hostapd2.conf:
ssid=rpi2
wpa_passphrase=1234567890
#channel=1
#channel=6
channel=11
interface=wl1
bridge=lan
driver=nl80211
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
macaddr_acl=0
hw_mode=g
wmm_enabled=1
# N
ieee80211n=1
require_ht=1
ht_capab=[HT40][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
Waxa ku jira faylkani waxay si toos ah ugu xidhan yihiin qaabka adabtarada USB Wi-Fi, markaa waxa laga yaabaa in koobiga banalku kugu dhaco.
Ku koobbi faylka adeegga qaybinta /etc/systemd/system/hostapd2.service:
# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system/hostapd2.service
kuna dhimo waxa ku jira qaabkan soo socda:
[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl1.device
BindsTo=sys-subsystem-net-devices-wl1.device
[Service]
Type=forking
PIDFile=/run/hostapd2.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd2.conf -P /run/hostapd2.pid -B
[Install]
WantedBy=sys-subsystem-net-devices-wl1.device
Waxa hadhay oo dhan waa in la suurtogeliyo tusaale cusub oo hostapd:
# systemctl enable hostapd2
Waa intaas! Soo jiid "firiri" iyo "raspberry" laftiisa, fiiri shabakadaha wirelesska ee kugu wareegsan.
Ugu dambeyntiina, waxaan rabaa inaan kaaga digo tayada USB Wi-Fi adabtarada iyo korontada Raspberry. "Feriri kulul" oo ku xiran waxay mararka qaarkood keeni kartaa "raspberry baraf" sababtoo ah dhibaatooyinka korantada ee muddada gaaban.
Source: www.habr.com