Wireless access point daemon
Karma a version of hostapd for creating rogue access points.
NAT or Bridge
IP's must be handed out to the connecting clients so one or the other must be configured
- NAT - creates a new subnet ".. with IP forwarding/masquerading and DHCP service (wireless clients will use a dedicated subnet, data from/to that subnet is NAT-ted – similar to a normal WiFi router that's connected to your DSL or cable modem)" – Archwiki > see the Firewalls article
- Bridge - ".. Simple, but it requires that any service that's needed by your wireless clients (like, DHCP) is available on your computers external interface. That means it will not work if you have a dialup connection (e.g., via PPPoE or a 3G modem) or if you're using a cable modem that will supply exactly one IP address to you via DHCP." –ArchWiki > You need to create a network bridge and add your network interface (e.g. eth0) to it. You should not add the wireless device (e.g. wlan0) to the bridge; hostapd will add it on its own. > >If you use netctl, see Bridge with netctl for details (just do not add tap0 used in that example).
Configuration
System configuration is stored in /etc/hostapd/hostapd.conf.
To override at runtime: sudo hostapd /path/to/hostapd.conf
General use, non-Karma, WPA/WPA2 config
From nims.wordpress.com
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#sets the wifi interface to use, is wlan0 in most cases
interface=wlan0
#driver to use, nl80211 works in most cases
driver=nl80211
#sets the ssid of the virtual wifi access point
ssid=dontMessWithVincentValentine
#sets the mode of wifi, depends upon the devices you will be using. It can be a,b,g,n. Setting to g ensures backward compatiblity.
hwmode=g
#sets the channel for your wifi
channel=6
#macaddracl sets options for mac address filtering. 0 means "accept unless in deny list"
macaddracl=0
#setting ignorebroadcastssid to 1 will disable the broadcasting of ssid
ignorebroadcastssid=0
#Sets authentication algorithm
#1 - only open system authentication
#2 - both open system authentication and shared key authentication
authalgs=1
#####Sets WPA and WPA2 authentication#####
#wpa option sets which wpa implementation to use
#1 - wpa only
#2 - wpa2 only
#3 - both
wpa=3
#sets wpa passphrase required by the clients to authenticate themselves on the network
wpapassphrase=KeePGuessinG
#sets wpa key management
wpakeymgmt=WPA-PSK
#sets encryption used by WPA
wpapairwise=TKIP
#sets encryption used by WPA2
rsnpairwise=CCMP
#################################
#####Sets WEP authentication#####
#WEP is not recommended as it can be easily broken into
wepdefaultkey=0
wepkey0=qwert #5,13, or 16 characters
#optionally you may also define wepkey2, wepkey3, and wep_key4
#################################
#For No encryption, you don't need to set any options
non-Karma w/ WPA2
1
2
3
4
5
6
7
8
9
10
11
12
interface=tpl0
driver=nl80211
ssid=2WIRE022
hwmode=g
channel=10
macaddracl=0
authalgs=1
ignorebroadcastssid=0
wpa=2
wpapassphrase=SecretPassword1234
wpakeymgmt=WPA-PSK
rsn_pairwise=CCMP
Karma w/ WEP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# config file to use with the Karma'd version of hostapd
# created by Robin Wood - robin@digininja.org - www.digininja.org
interface=tpl0
driver=nl80211
countrycode=US
ssid=AndroidAP
channel=3
wepdefaultkey=0
wepkey0=SecretPassword1234
# Both open and shared auth
authalgs=3
# no SSID cloaking
ignorebroadcastssid=0
# -1 = log all messages
loggersyslog=-1
loggerstdout=-1
# 2 = informational messages
loggersysloglevel=2
loggerstdoutlevel=2
# Dump file for state information (on SIGUSR1)
# example: kill -USR1 <pid>
dumpfile=/tmp/hostapd.dump
ctrlinterface=/var/run/hostapd
ctrlinterfacegroup=adm
# 0 = accept unless in deny list
macaddracl=0
# only used if you want to do filter by MAC address
acceptmacfile=/etc/hostapd/hostapd.accept
denymacfile=/etc/hostapd/hostapd.deny
# Finally, enable Karma
enablekarma=0
# Black and white listing
# 0 = white
# 1 = black
karmablack_white=1