add an option that disables Internet sharing
This commit is contained in:
oblique
35
create_ap
35
create_ap
@ -10,25 +10,28 @@
|
|||||||
# haveged (optional)
|
# haveged (optional)
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
echo "Usage: $(basename $0) [options] <wifi-interface> <interface-with-internet> <access-point-name> [<passphrase>]"
|
echo "Usage: $(basename $0) [options] <wifi-interface> [<interface-with-internet>] <access-point-name> [<passphrase>]"
|
||||||
echo
|
echo
|
||||||
echo "Options:"
|
echo "Options:"
|
||||||
echo " -h, --help Show this help"
|
echo " -h, --help Show this help"
|
||||||
echo " -c <channel> Channel number (default: 1)"
|
echo " -c <channel> Channel number (default: 1)"
|
||||||
echo " -w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)"
|
echo " -w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)"
|
||||||
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)"
|
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)"
|
||||||
echo " -d DNS server will take into account /etc/hosts (default: disabled)"
|
echo " -d DNS server will take into account /etc/hosts"
|
||||||
|
echo " -n Disable Internet sharing (if you use this, don't pass"
|
||||||
|
echo " the <interface-with-internet> argument)"
|
||||||
echo " --hidden Make the Access Point hidden (do not broadcast the SSID)"
|
echo " --hidden Make the Access Point hidden (do not broadcast the SSID)"
|
||||||
echo
|
echo
|
||||||
echo "Example:"
|
echo "Examples:"
|
||||||
echo " $(basename $0) wlan0 eth0 MyAccessPoint MyPassPhrase"
|
echo " $(basename $0) wlan0 eth0 MyAccessPoint MyPassPhrase"
|
||||||
|
echo " $(basename $0) -n wlan0 MyAccessPoint MyPassPhrase"
|
||||||
}
|
}
|
||||||
|
|
||||||
get_macaddr() {
|
get_macaddr() {
|
||||||
ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p'
|
ip link show "$1" | sed -n 's/.*ether \([0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]:[0-9a-f][0-9a-f]\) .*/\1/p'
|
||||||
}
|
}
|
||||||
|
|
||||||
ARGS=$(getopt -o hc:w:g:d -l "help","hidden" -n $(basename $0) -- "$@")
|
ARGS=$(getopt -o hc:w:g:dn -l "help","hidden" -n $(basename $0) -- "$@")
|
||||||
[[ $? -ne 0 ]] && exit 1
|
[[ $? -ne 0 ]] && exit 1
|
||||||
eval set -- "$ARGS"
|
eval set -- "$ARGS"
|
||||||
|
|
||||||
@ -37,6 +40,7 @@ GATEWAY=192.168.12.1
|
|||||||
WPA_VERSION=1+2
|
WPA_VERSION=1+2
|
||||||
ETC_HOSTS=0
|
ETC_HOSTS=0
|
||||||
HIDDEN=0
|
HIDDEN=0
|
||||||
|
SHARE_INTERNET=1
|
||||||
|
|
||||||
while :; do
|
while :; do
|
||||||
case "$1" in
|
case "$1" in
|
||||||
@ -73,6 +77,10 @@ while :; do
|
|||||||
shift
|
shift
|
||||||
ETC_HOSTS=1
|
ETC_HOSTS=1
|
||||||
;;
|
;;
|
||||||
|
-n)
|
||||||
|
shift
|
||||||
|
SHARE_INTERNET=0
|
||||||
|
;;
|
||||||
--)
|
--)
|
||||||
shift
|
shift
|
||||||
break
|
break
|
||||||
@ -80,15 +88,23 @@ while :; do
|
|||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
|
|
||||||
|
if [[ $SHARE_INTERNET -eq 1 ]]; then
|
||||||
if [[ $# -ne 3 && $# -ne 4 ]]; then
|
if [[ $# -ne 3 && $# -ne 4 ]]; then
|
||||||
usage
|
usage
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
WIFI_IFACE=$1
|
|
||||||
INTERNET_IFACE=$2
|
INTERNET_IFACE=$2
|
||||||
SSID=$3
|
SSID=$3
|
||||||
PASSPHRASE=$4
|
PASSPHRASE=$4
|
||||||
|
else
|
||||||
|
if [[ $# -ne 2 && $# -ne 3 ]]; then
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
SSID=$2
|
||||||
|
PASSPHRASE=$3
|
||||||
|
fi
|
||||||
|
WIFI_IFACE=$1
|
||||||
|
|
||||||
if [[ $(id -u) -ne 0 ]]; then
|
if [[ $(id -u) -ne 0 ]]; then
|
||||||
echo "You must run it as root."
|
echo "You must run it as root."
|
||||||
@ -140,11 +156,13 @@ ip addr flush ${WIFI_IFACE}
|
|||||||
ip link set up dev ${WIFI_IFACE}
|
ip link set up dev ${WIFI_IFACE}
|
||||||
ip addr add ${GATEWAY}/24 dev ${WIFI_IFACE}
|
ip addr add ${GATEWAY}/24 dev ${WIFI_IFACE}
|
||||||
|
|
||||||
# enable NAT
|
# enable NATed Internet sharing
|
||||||
|
if [[ $SHARE_INTERNET -eq 1 ]]; then
|
||||||
iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
|
iptables -t nat -A POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
|
||||||
iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT
|
iptables -A FORWARD -i ${WIFI_IFACE} -j ACCEPT
|
||||||
OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
|
OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
|
||||||
echo 1 > /proc/sys/net/ipv4/ip_forward
|
echo 1 > /proc/sys/net/ipv4/ip_forward
|
||||||
|
fi
|
||||||
|
|
||||||
# boost low-entropy
|
# boost low-entropy
|
||||||
if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
|
if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
|
||||||
@ -175,10 +193,11 @@ for x in $CONFDIR/*.pid; do
|
|||||||
kill -9 $(cat $x)
|
kill -9 $(cat $x)
|
||||||
done
|
done
|
||||||
rm -rf $CONFDIR
|
rm -rf $CONFDIR
|
||||||
|
if [[ $SHARE_INTERNET -eq 1 ]]; then
|
||||||
iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
|
iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE
|
||||||
iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT
|
iptables -D FORWARD -i ${WIFI_IFACE} -j ACCEPT
|
||||||
echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
|
echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
|
||||||
|
fi
|
||||||
ip link set down dev ${WIFI_IFACE}
|
ip link set down dev ${WIFI_IFACE}
|
||||||
ip addr flush ${WIFI_IFACE}
|
ip addr flush ${WIFI_IFACE}
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user