06 Nov

Ubuntu Gateway / Access Point Server

I’ve been wanting to play wifi king for a long time: providing free wireless internet access to a reasonably sized area. Finally I got to have a play.

The basic idea is to have a server which shares the internet from a standard connection (e.g. DSL) to anyone who connects wirelessly. “You mean a wireless access point, why can’t I just buy a £30 wireless AP?”

Well..

Benefits of running our server over buying a standard wireless access point (AP):

Many run-of-the-mill wireless APs fail under high traffic – With our server, we can use a better processor and increase RAM as required.

Caching – If you’re serving a lot of users then you can save on bandwidth and speed up users’ browsing experience by using a caching proxy like squid. Basically, when one user views a video on youtube (depending on your squid cache file size settings), squid makes a copy of it and then serves its copy to any future requests. This is quicker than downloading it from youtube and serving it to the client again. You can configure file sizes and cache file lifetime.

Filtering – For bandwidth saving or corporate reasons you can set up a filter with squid to block access to certain sites, certain types of site or content-type. For example you could block access to youtube or block all video files completely.

Advertising – You can incorporate your own advertising into sites that you’re serving. If you wanted to get into the nitty gritty then you could monitor traffic and serve ads based on user behaviour (like phorm, I guess).

What do I need?

The great thing is, to do something like this, you don’t need any pricey hardware.

What you need:

  1. A computer and operating system (In my case, Ubuntu 9.04)
  2. A network card that uses our connection from the ISP
  3. A wireless card that supports ‘master mode’ in linux.

1) The box I’m using in this example was originally used as my desktop system and is far more powerful than what you realistically need. I prefer using laptops (especially when going to and from work) so I’ve converted it for this project.

The specs are:

Processor – Intel Core 2 Quad Q6600 2.4ghz 8mb L2 cache
Motherboard – Intel BLKDG35EC
RAM – 8gb (4 x 2GB Kingston DDR2 PC800)
HD – Western Digital 320GB 7200RPM SATA
Graphics – Nvidia Inno3d 8600GT PCIE 512mb S-video/DVI/VGA
Network – Onboard gigabit ethernet, TP-LINK TL-WN651g
Case – Basic case
Power – ACBEL INTELLIGENT POWER 610W ACTIVE PFC

I’m running Ubuntu 9.04. For this example, I’ll be assuming that everyone is running Ubuntu 9.04 but it shouldn’t vary that much between different linux distros.

2) I’m using my onboard network card connected to a DSL modem. I actually want to replace this step with an internal PCI modem but I’m having trouble finding a suitable card right now.

3) This one took me a long time! I originally hoped I could use USB wifi adapters since this would make it easier to use many to service a big wireless area. I have tested many USB wifi adapters and had no problem getting them to act as access points (‘master mode’) in Windows XP but not in Ubuntu! (For those interested, I had best success with adapters using the r8187 chipset).

It was a bit easier finding a PCI wifi card that would work in master mode. The easiest thing to do is find any card which uses an Atheros chipset and use madwifi drivers (explained later). I loaded a few local computer shop websites and then checked their stock against the madwifi compatibility list. I eventually ended up with a TP-LINK TL-WN651g.

Configuring the server

The first thing to do is install Ubuntu. Download the ISO, burn to DVD and install. I won’t go into detail on this because there’s nothing to do really.

Configure the network card to take connection from our ISP

Open a terminal and edit /etc/network/interfaces by adding the following:

#isp
auto eth0
iface eth0 inet dhcp

This assumes that you’re plugging this network card into a source that’s running a DHCP server such as a standard router/DSL modem. If you run ‘/etc/init.d/networking restart’ you should now be online, great!

Configure DNS

Since we’re going to act as an access point, we need to enter the DNS servers we’re going to use. You can enter your ISP’s DNS servers or free ones like those provided by OpenDNS. In this example, I’ll assume you’re going to use OpenDNS.

Open a terminal and edit /etc/resolv.conf so that it reads as follows:

nameserver 208.67.222.222
nameserver 208.67.220.220

Configuring the wireless card with madwifi drivers

To get the wireless card to act as an access point we need special drivers known as madwifi. To set this up I simply plugged my PCI wireless card into the server and then (in a gnome session) I clicked ‘system>administration>hardware drivers’ where it automatically searched for drivers and offered me the ‘Alternate Atheros “madwifi” driver’. I simply selected and enabled this driver.

After this, I ran the following command in a terminal:

apt-get install madwifi-tools

This installs a package of tools we need to configure the card as an access point.

To force the card to always go into AP mode, we’re going to edit the file ‘/etc/modprobe.d/madwifi’ by adding the following to it:

options ath_pci autocreate=ap

After adding the above, we’ll run ‘modprobe ath_pci’.

Configure wireless card to setup access point

Again we’re going to open a terminal and edit our /etc/network/interfaces file by adding the following:

#wifi ap
auto ath0
iface ath0 inet static
wireless-mode master
wireless-essid linksys
address 192.168.1.1
network 192.168.1.0
netmask 255.255.255.0
broadcast 192.168.1.255

If you run ‘/etc/init.d/networking restart’ and scan for wireless access points from another computer, you should now see an access point called ‘linksys’. We’re not done yet though! If you connect, nothing’s going to happen.

Configure the server to route the traffic from the wireless through our ISP connection (eth0)

In a terminal, run ‘echo boxer > /etc/hostname’

Edit ‘/etc/hosts’ to look the same as:

127.0.0.1       boxer   localhost.localdomain   localhost
192.168.0.100   boxer     server

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Make a new file ‘/etc/init.d/iptables’ and copy the following into it:

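#! /bin/sh
# Enable IPv4 forwarding so the box routes between ath0 (wifi) and eth0 (ISP)
echo 1 > /proc/sys/net/ipv4/ip_forward
# Flush existing rules and delete user-defined chains in every table
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Default policies: accept everything (no filtering at all)
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# NAT wireless clients behind the address of the ISP-facing interface (eth0)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE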

To make our new file executable, run ‘chmod +x /etc/init.d/iptables’ and then to make it run on startup run ‘update-rc.d iptables defaults’.
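
The script above accepts and forwards everything in every direction, so anything reachable from either interface can talk to the server and through it. As an added example (not part of the original post), here is a default-deny variant for the same gateway that forwards only wireless-to-ISP traffic plus its replies, and prints the rules as a dry run unless APPLY=1 is set. The interface names and subnet are the ones used in this post; gen_rules, apply_rules and the APPLY variable are names made up for this example.

```shell
#!/bin/sh
# Added example, not the post's script: default-deny rules for the same gateway.
# Assumed from the post: eth0 = ISP uplink, ath0 = access point, 192.168.1.0/24.
WAN=eth0
LAN=ath0
LAN_NET=192.168.1.0/24

# Print the rule set, one iptables argument list per line.
gen_rules() {
    cat <<EOF
-F
-X
-t nat -F
-t nat -X
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $WAN -p udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -i $LAN -p udp --dport 67 -j ACCEPT
-A FORWARD -i $LAN -o $WAN -s $LAN_NET -j ACCEPT
-A FORWARD -i $WAN -o $LAN -m state --state ESTABLISHED,RELATED -j ACCEPT
-t nat -A POSTROUTING -o $WAN -s $LAN_NET -j MASQUERADE
EOF
}

# Feed each rule to the given command: "iptables" to apply,
# "echo iptables" to preview. Stops at the first rule that fails.
apply_rules() {
    gen_rules | while read -r rule; do
        $1 $rule || exit 1
    done
}

# Dry run by default so the rules can be read before they go live.
# No INPUT rule admits SSH: this box is administered from its console.
if [ "${APPLY:-0}" = "1" ]; then
    echo 1 > /proc/sys/net/ipv4/ip_forward
    apply_rules iptables
else
    apply_rules "echo iptables"
fi
```

Run it as root with APPLY=1 once the printed rules look right. Wireless clients can still reach the internet and the DHCP server, but not any other service on the gateway itself.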

Install DHCP server

We need to install a DHCP server so that when clients connect, they’re given an IP address. To do this, run

apt-get install dhcp3-server

After this is installed, edit ‘/etc/default/dhcp3-server’ so that INTERFACES="ath0"

Next, add the following to the bottom of the file ‘/etc/dhcp3/dhcpd.conf’:

authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
range                           192.168.1.100 192.168.1.200;
option domain-name-servers      208.67.222.222,208.67.220.220;
option routers                  192.168.1.1;
default-lease-time              600;
max-lease-time                  7200;
}

Reboot

Everything should now be installed and set up. Now we reboot, cross our fingers and hope everything worked.

Conclusion

I want to update this post with how to install and configure squid as a transparent caching proxy (no need to configure the clients). Right now this just feeds traffic straight through.

I also want to keep working on getting USB wifi adapters working in ‘master/AP’ mode since this would greatly help servicing a large area. Imagine, you can use multiple cheap USB wifi adapters with a different range of antennas connected.

I’m not a linux guru and a lot of this information I’ve learnt/collated from different forums, sites and such like. I can’t see that I’ve missed anything out but let me know if you run into any problems.
