Wireless Interface Bridging

Install Host Access Point Daemon (hostapd):

Install an Access Point Server

sudo apt install hostapd

hostapd does not include a sample configuration file that you modify. You have to create your own, and place it in the /etc/hostapd directory. My hostapd.conf file is:

# the country code
country_code=US

# limit radio frequencies to those allowed in country
ieee80211d=1

interface=wlan0

# network name
ssid=hacker2

# a is the 5 GHz radio
hw_mode=a

# 801.11ac support
ieee80211ac=1

# 802.11n support
ieee80211n=1

# raido channel
channel=149

# QoS support, also required for full speed on 802.11n/ac/ax
wmm_enabled=1

# disable this to insure the AP is visible
ignore_broadcast_ssid=0

# ------ authentication and Encryption-------

# wep has been cracked - do not use 2 or 3
# 1=wpa, 2=wep, 3=both
auth_algs=1

# wpa=2 or wpa=3
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

# network password
wpa_passphrase=misscoco

# mac address authentication list (macaddr_acl)
# macaddr_acl=0, accepts all mac address unless in hostapd.deny
# The location of hostapd.deny is specified via the line below, which is commented out.
#deny_mac_file=/etc/hostapd.deny
macaddr_acl=0
              

Change the following in my "hostapd.conf" to suite your needs:

• ssid=hacker2
• wpa_passphrse=misscoco
• channel=149

Run Hostapd at boot

To get hostapd to run on start up:

In the file /etc/default/hostapd find the line, DAEMON_CONF="". Uncomment it, and change it to:

DAEMON_CONF="/etc/hostapd/hostapd.conf

Then run the following two comands:

sudo systemctl unmask hostapd

sudo systemctl enable hostad

Bridge wlan0 and eth0

Now, you can bridge wlan0 and eth0

My script file for bridging wlan0 and eth0 on a Raspberry Pi is:

#!/bin/bash

# bring up interfaces, but do not assign ip addresses
ip link set dev wlan0 up
ip link set dev eth0 up

# creat a bridge named "br0"
sudo ip link add name br0 type bridge

# added the interfaces to the bridge
ip link set dev wlan0 master br0
ip link set dev eth0 master br0

# bring up the bridge
ip link set dev br0 up

# assign the bridge an ip address
ip address add 192.168.75.254/24 brd + dev br0
              

Network Address Translation (NAT)

All packet leaving the output interface eth1 need to have their source address changed to the address of the Linux router (masquerading).

My simple file for masquerading (/etc/masquerade_eth1.nft) is:

table inet router {
   chain postrouting {
      type nat  hook postrouting priority filter; policy accept;
      oifname "eth1" masquerade
   }
}

              

Hostapd runs on startup, and I run both bridge_wlan0_eth0.sh and the nft masquerade file from sudo's crontab @reboot:

@reboot sleep 5s; /etc/bridge_wlan0_eth0.sh
@reboot /usr/sbin/nft /etc/masquerade_eth1.nft

To get this to work, I had to add the 5 second sleep command. I do not know what the optimal time is.

A Big Disadvantage of using hostapd is that it can not scan and automaticially select the best channel to use.

Because I did not install a DHCP server, I had to manually set a static IP address for the host that logged into the hostapd server.

Or is it hospatd mac address authenication list making this work !!!. Change it and see !!1

It did everything I wanted.

it did work with wlan0.

Try it with wlan0 and eth0.

You can also include that it is bridged in your hostapd.conf - Try it.