repeat between two hostap cards (in single PC)

Hi! Here's my current situation:

- I have a PC with two Prism2.5-based wireless cards in it

- card no. 1 (wlan0) is connected to an antenna placed on top of the roof

- card no. 2 (wlan1) is working as an Access Point and is connected to a small antenna placed in my apartment

When using wlan0 I can reach my provider's AP (AP_Master). What I need to do is let my home computers connect to AP_Master. So I need to repeat the signal from wlan0 to wlan1 and vice versa in order to do it. Is there any way to do this? I would be more than happy if I could pass *all* traffic between wlan0 and wlan1 (raw frames?), so I could see on my home computers every Access Point that can be seen by wlan0 and connect to them, but I will also be happy if I am able to connect to AP_Master only.

I tried bridging wlan0 and wlan1. I even tried to configure WDS for wlan0 and wlan1, but I got no results.

PS. Sorry for my English.

Booski Cinek

Depending on your OS, there may be a bridge device you can configure to do this. Look for "br0".

The simplest way to share the connection is probably to just run NAT on your internal networks (wlan1 or even eth0 if you start using that). That's what I do. I have my main machine claim all the addresses my ISP gives me (via an "alias X.X.X.X") in the ifconfig file for the external interface. Then I add these aliased addresses to the pool that NAT may use. In the NAT config file I allow some workstations to get their own private address; others get to draw from the available ports at a single IP address.

-wolfgang

Wolfgang S. Rupprecht

I'm using Linux and I have already tried to make a wlan0-wlan1 bridge. It doesn't work.

Hmmm... I'm already under one NAT (my provider's NAT). Anyway, I tried to mess with NAT. Here's what I did on my HostAP box:

    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -F
    iptables -F INPUT
    iptables -F OUTPUT
    iptables -F FORWARD
    iptables -F -t mangle
    iptables -t mangle -X
    iptables -F -t nat
    iptables -t nat -X
    iptables -X
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT

- wlan0 (master AP client) address: 192.168.1.194 (gateway 192.168.1.1)
- wlan1 (home AP) address: 192.168.230.1
- DHCP server with addresses from the same class (192.168.230.x)

    # route
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.230.0   *               255.255.255.0   U     0      0        0 wlan1
    192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
    default         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0

  1. I can ping the Internet from HostAP box
  2. I can ping the gateway from HostAP box
  3. I can ping my home computer connected to wlan1 AP
  4. I can ping my wlan1 AP from my home computer
  5. I can ping my wlan0 (192.168.1.194) from my home computer
  6. I can't ping the gateway (192.168.1.1) from my home computer

Any ideas?

No way. I want wifi only, no ethernet.

Booski Cinek

Sorry, I can't spot-read iptables yet. I'm still using an OpenBSD system with "pf" to do the NAT. Hopefully someone else will post their working iptables NAT file to compare to.

Ping may not be a good test. It is very difficult to NAT. There isn't enough information to get the echo-reply back to the sending host in all cases. Echo-request and echo-reply are raw IP without anything like the tcp and udp port numbers to draw on. Tagging the outgoing packet with a unique port and using that port number to decide who should get the packet just isn't possible.

I would test with tcp and if possible sniff the traffic coming out of and going into the internet side of the nat-ing box. See if the nat-ed IP looks right and if you get a reply that gets lost going through the NAT box in the internet->local direction.

Basically a tcpdump or ethereal on each interface should help show what is going on.

-wolfgang

Wolfgang S. Rupprecht

It's working already - I forgot to load the iptables module :/. And it appears that I only need to load iptables_nat and use only one iptables rule:

    iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Booski Cinek
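
The setup from this thread as a single ruleset, added here as an example (it is not code from any poster): it keeps the MASQUERADE rule from the final post but swaps the blanket `FORWARD ACCEPT` policy for `DROP` plus stateful rules, so only the home network can open connections through the box. The function names and the `nat.sh` file name are hypothetical; the interfaces and subnet are the ones posted above.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset for the two-card router.
# Function names are hypothetical; interfaces and subnet are from the thread.

# valid_if NAME: accept only plain interface names (letters, digits, . _ -)
valid_if() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# valid_cidr NET: check the shape a.b.c.d/prefix (not the octet ranges)
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# nat_ruleset WAN_IF LAN_IF LAN_NET: print the ruleset on stdout
nat_ruleset() {
    wan=$1 lan=$2 net=$3
    valid_if "$wan" && valid_if "$lan" && valid_cidr "$net" || {
        echo "usage: nat_ruleset WAN_IF LAN_IF LAN_NET/PREFIX" >&2
        return 2
    }
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 2; }
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Rewrite the source address of LAN traffic leaving through the uplink
-A POSTROUTING -s $net -o $wan -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
# LAN clients may open connections towards the uplink
-A FORWARD -i $lan -o $wan -s $net -j ACCEPT
# Only replies to those connections are forwarded back
-A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Run as: sh nat.sh wlan0 wlan1 192.168.230.0/24 | iptables-restore
# iptables-restore replaces the current contents of the nat and filter tables.
# IP forwarding still has to be enabled, as in the post above.
if [ "$#" -eq 3 ]; then
    nat_ruleset "$@"
fi
```

Reviewing the printed ruleset before piping it into `iptables-restore` shows exactly what will be loaded; malformed interface names or subnets are rejected before anything is printed.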
