安装openssl:
sudo apt-get install openssl sudo apt-get install libssl-dev build-essential zlibc zlib-bin libidn11-dev libidn11
下载wpa_supplicant
wget http://hostap.epitest.fi/releases/wpa_supplicant-2.0.tar.gz tar -xzvf wpa_supplicant-2.0.tar.gz cd wpa_supplicant-2.0 cd wpa_supplicant vi .config
粘贴以下内容保存
#.config # # Uncomment following two lines and fix the paths if you have installed openssl # in non-default location #CFLAGS += -I/usr/local/openssl/include #LIBS += -L/usr/local/openssl/lib # Driver interface for Host AP driver #CONFIG_DRIVER_HOSTAP=y # Driver interface for Agere driver #CONFIG_DRIVER_HERMES=y # Change include directories to match with the local setup #CFLAGS += -I../../hcf -I../../include -I../../include/hcf #CFLAGS += -I../../include/wireless # Driver interface for Prism54 driver # (Note: Prism54 is not yet supported, i.e., this will not work as-is and is # for developers only) #CONFIG_DRIVER_PRISM54=y # Driver interface for ndiswrapper #CONFIG_DRIVER_NDISWRAPPER=y # Driver interface for Atmel driver #CONFIG_DRIVER_ATMEL=y # Driver interface for Broadcom driver #CONFIG_DRIVER_BROADCOM=y # Example path for wlioctl.h; change to match your configuration #CFLAGS += -I/opt/WRT54GS/release/src/include # Driver interface for Intel ipw2100/2200 driver #CONFIG_DRIVER_IPW=y CONFIG_DRIVER_MADWIFI=y # Change include directories to match with the local setup CFLAGS += -I../madwif CONFIG_DRIVER_WEXT=y # Driver interface for FreeBSD net80211 layer (e.g., Atheros driver) #CONFIG_DRIVER_BSD=y #CFLAGS += -I/usr/local/include #LIBS += -L/usr/local/lib # Driver interface for Windows NDIS #CONFIG_DRIVER_NDIS=y #CFLAGS += -I/usr/include/w32api/ddk #LIBS += -L/usr/local/lib # For native build using mingw #CONFIG_NATIVE_WINDOWS=y # Additional directories for cross-compilation on Linux host for mingw target #CFLAGS += -I/opt/mingw/mingw32/include/ddk #LIBS += -L/opt/mingw/mingw32/lib #CC=mingw32-gcc # Driver interface for development testing #CONFIG_DRIVER_TEST=y # Driver interface for wired Ethernet drivers #CONFIG_DRIVER_WIRED=y CONFIG_IEEE8021X_EAPOL=y # EAP-MD5 (automatically included if EAP-TTLS is enabled) CONFIG_EAP_MD5=y # EAP-MSCHAPv2 (automatically included if EAP-PEAP is enabled) CONFIG_EAP_MSCHAPV2=y # EAP-TLS CONFIG_EAP_TLS=y # EAL-PEAP CONFIG_EAP_PEAP=y # EAP-TTLS CONFIG_EAP_TTLS=y # EAP-GTC CONFIG_EAP_GTC=y # EAP-OTP CONFIG_EAP_OTP=y # LEAP CONFIG_EAP_LEAP=y # PKCS#12 (PFX) support (used to read private key and certificate file from # a file that usually has extension .p12 or .pfx) CONFIG_PKCS12=y # Include control interface for external programs, e.g, wpa_cli CONFIG_CTRL_IFACE=y
编译与安装:
make make install
配置并连接路由器:
#! /bin/sh -
insmod /etc/Wireless/RT2870STA/mt7601Usta.ko
wlan_no="ra0"
echo Please choose WiFi connect mode
echo "(1,no_pass),(2,wpa_psk),(3,wpa2_psk)"
read conn_mod
if [ "$conn_mod" = "1" ]
then
#1.1 get essid
echo Welcom to no_pass mode!
iwlist $wlan_no scan | grep ESSID
echo Please choose a essid:
read inputssid
if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ]
then
echo "input ok!"
#1.2 connect!
iwconfig $wlan_no essid $inputssid
dhclient $wlan_no
fi
echo done
fi
if [ "$conn_mod" = "2" ]
then
#2.1 copy wlan wpa psk config file to /etc/wpa_supplicant/
cp wpa_supplicant.wpa /etc/wpa_supplicant/wpa_supplicant.conf
#2.2 get essid and password phrase
echo Welcom to wpa_psk mode!
iwlist $wlan_no scan | grep ESSID
echo Please choose a essid:
read inputssid
if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ]
then
echo "input ok!"
echo "please input your password:c"
read inputpass
ph_pass=`wpa_passphrase $inputssid $inputpass | grep psk= | sed -n 2p | awk -F '=' '{print $2}'`
echo $ph_pass
#2.3 modify /etc/wpa_supplicant/wpa_supplicant.conf
sed -i "s/my_network/$inputssid/g" /etc/wpa_supplicant/wpa_supplicant.conf
sed -i "s/"secret_password"/$ph_pass/g" /etc/wpa_supplicant/wpa_supplicant.conf
#2.4 connect!
wpa_supplicant -B -i $wlan_no -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf
dhclient $wlan_no
fi
echo done
fi
if [ "$conn_mod" = "3" ]
then
#3.1 copy wlan wpa2 psk config file to /etc/wpa_supplicant/
cp wpa_supplicant.wpa2 /etc/wpa_supplicant/wpa_supplicant.conf
#3.2 get essid and password phrase
echo Welcom to wpa2_psk mode!
iwlist $wlan_no scan | grep ESSID
echo Please choose a essid:
read inputssid
if [ `iwlist $wlan_no scan | grep $inputssid`x != "x" ]
then
echo "input ok!"
echo "please input your password:c"
read inputpass
ph_pass=`wpa_passphrase $inputssid $inputpass | grep psk= | sed -n 2p | awk -F '=' '{print $2}'`
echo $ph_pass
#3.3 modify /etc/wpa_supplicant/wpa_supplicant.conf
sed -i "s/my_network/$inputssid/g" /etc/wpa_supplicant/wpa_supplicant.conf
sed -i "s/"secret_password"/$ph_pass/g" /etc/wpa_supplicant/wpa_supplicant.conf
#3.4 connect!
wpa_supplicant -B -i $wlan_no -D wext -c /etc/wpa_supplicant/wpa_supplicant.conf
dhclient $wlan_no
fi
echo done
fi
配置文件1(wpa_supplicant.wpa).
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
# ap_scan=2 was the one for me you may try 0 or 1 indstead of 2
ap_scan=2
fast_reauth=1
network={
ssid="my_network"
proto=WPA
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
psk="secret_password"
}
配置文件2(wpa_supplicant.wpa2)
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network={
ssid="my_network"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="secret_password"
}
ap脚本:
#! /bin/sh -
# use ra0 as a gateway
# use wlan0(rtl8192cu) as an AP
wlan_gw_no="ra0"
wlan_no="wlan0"
ifconfig $wlan_no 172.16.0.1/16
sudo iptables -F
iptables -t filter -F
iptables -t nat -F
iptables -t mangle -F
gw=`ifconfig | awk 'BEGIN{FS="
";RS=""} NR==3 {print $2}' | awk '{print $2}' | awk -F ':' '{print $2}'`
#sudo iptables -t nat -A POSTROUTING -o $wlan_gw_no -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -o $wlan_gw_no -s 172.16.1.0/24 -j SNAT --to-source $gw
iptables -nL -vv -t nat
killall dnsmasq
killall hostapd
ifconfig $wlan_no 172.16.0.1/16
hostapd -B /etc/hostapd/hostapd.conf
/etc/init.d/dnsmasq restart
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo 1 > /proc/sys/net/ipv4/ip_forward
sleep 5
echo dhcp:
ps -e | grep dns
echo hosapd:
ps -e | grep ap
结束