使用 Beaglebone。
我已成功设置 AP,但无法桥接 eth0 和 wlan1。
使用的应用程序:hostapd、dnsmasq、bridge-utils
/etc/dnsmasq.conf
interface=wlan1
dhcp-range=10.10.1.2,10.10.99.254,255.0.0.0,12h
/etc/hostapd/hostapd.conf
interface=wlan1
country_code=US
driver=nl80211
ssid=mySSID
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=password
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
eapol_key_index_workaround=0
/etc/network/interfaces 前设置桥梁
auto lo eth0 eth0:1
iface lo inet loopback
iface eth0 inet static
address 192.168.2.99
netmask 255.255.255.0
gateway 192.168.2.1
dns-nameservers 8.8.8.8
iface eth0:1 inet static
address 192.168.1.226
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.0
gateway 192.168.1.1
auto usb0 wlan1
iface usb0 inet static
address 192.168.7.2
netmask 255.255.255.0
network 192.168.7.0
gateway 192.168.7.2
iface wlan1 inet static
hostapd /etc/hostapd/hostapd.conf
address 10.10.1.1
network 10.10.1.0
netmask 255.0.0.0
broadcast 10.10.1.255
wireless-power on
#dns-nameservers 8.8.8.8 8.8.4.4
up iptables-restore < /etc/network/iptables.rules
/etc/network/interfaces 后设置桥梁
auto lo eth0
iface lo inet loopback
iface eth0 inet manual
auto usb0 wlan1
iface usb0 inet static
address 192.168.7.2
netmask 255.255.255.0
network 192.168.7.0
gateway 192.168.7.2
iface wlan1 inet manual
hostapd /etc/hostapd/hostapd.conf
wireless-power on
iface br0 inet static
bridge_ports eth0 wlan1
address 10.10.1.1
network 10.10.1.0
netmask 255.0.0.0
broadcast 10.10.1.255
gateway 10.10.1.1
pre-up iwconfig wlan1 essid mySSID
bridge_hw xx:xx:xx:xx:xx:xx #mac address of wireless card
#dns-nameservers 8.8.8.8 8.8.4.4
up iptables-restore < /etc/network/iptables.rules
我能够连接到网络mySSID,但无法 ping 10.10.1.1、连接到那里运行的任何服务或任何其他设备。 DHCP 之前和之后都不起作用(我可以稍后尝试修复的小问题),并且我通过设置静态 IP 进行连接。
这是我运行命令时显示的内容sudo iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT tcp -- anywhere anywhere tcp dpt:12347
ACCEPT tcp -- anywhere anywhere tcp dpt:12346
ACCEPT tcp -- anywhere anywhere tcp dpt:12345
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin /* Allow connection to webmin */
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
/etc/network/iptables.rules文件
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [123:13390]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 12347-j ACCEPT
-A INPUT -p tcp -m tcp --dport 12346 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 12345-j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -m comment --comment "Allow connection to webmin" -j ACCEPT
-A INPUT -j DROP
COMMIT
答案1
在您的网络配置中,您的network、netmask、 和broadcast配置不一致...它们是错误的。
iface br0 inet static
bridge_ports eth0 wlan1
address 10.10.1.1
network 10.10.1.0 <-------
netmask 255.0.0.0 <-------
broadcast 10.10.1.255 <-------
gateway 10.10.1.1
如果您的网络是10.10.1.0并且广播是10.10.1.255,则网络掩码应该是255.255.255.0。
如:
iface br0 inet static
bridge_ports eth0 wlan1
address 10.10.1.1
network 10.10.1.0
netmask 255.255.255.0
broadcast 10.10.1.255
gateway 10.10.1.1
这里dhcp-range应该/etc/dnsmasq.conf是:
dhcp-range=10.10.1.2,10.10.1.254,255.255.255.0,12h
如果你真的想要更多的设备,并且更广泛的设备netmask是故意的,那么它是broadcast错误的,并纠正它:
iface br0 inet static
bridge_ports eth0 wlan1
address 10.10.1.1
network 10.10.1.0
netmask 255.0.0.0
broadcast 10.255.255.255
gateway 10.10.1.1
这里dhcp-range可能/etc/dnsmasq.conf是:
dhcp-range=10.10.1.2,10.255.255.254,255.0.0.0,12h
如果您还使用桥接网络,现在 dnsmask 中的接口也会更改:
interface=br0
至于路由工作,除了更正网络掩码/广播之外,您还需要告诉内核进行路由,例如运行时:
sudo sysctl -w net.ipv4.ip_forward=1
并使其在每次重新启动时都处于活动状态,编辑/etc/sysctl.conf和添加:
net.ipv4.ip_forward=1
请注意,某些操作系统(例如 iOS)将测试互联网连接作为(Wifi)连接健康检查的一部分。