Mageia forum

[mackowiakp]

My PC is equipped with two net interfaces - wlan0 and eth0. I want to run WiFi access point on wlan0. So i use hostapd facility and it works properly in routing mode. But I want to run it in bridging mode to avoid problem with internet connection for PC installed in second network segment (behind second router based on this PC).
I have no GUI access to this PC, because it is far of me, so only CLI config action is possible.
I googled a lot but no answer found. For example creating bridge and adding both interfaces to this bridge cause network hangs.

So, any advise how to properly configure hostapd on M3 or how to configure M3 in for proper operation with ADSL router.
But, as I wrote, only CLI config action possible.

My net config is as follows

.........M3 hostapd.............cable connection.............ADSL router/WiFi
.....wlan0..........eth0..... <------------------------->.........192.168.0.1......................<------------> internet
192.168.10.1...192.168.0.7...........................added static routing to 192.168.10.X

[oj]

Is forwarding enabled? cat /proc/sys/net/ipv4/ip_forward. (1 is enabled, 0 disabled)

You should be able to get internet access through to the subnet. Hosts on that segment would set whatever the wifi IP is as their gateway. (so long as the machine is forwarding)

[mackowiakp]

Forwarding is enable.

Code: Select all

[root@media ~]# cat /proc/sys/net/ipv4/ip_forward
1

I think the problem of no possibility to access from segment 192.168.10.XXX to and from Internet is because in this configuration, computer acts as router. The ADSL modem has stating routing to this segment so I can for example ping from any 192.168.10.XXX located node to any 192.168.0.XXX node (and vice verse).
But ADSL buid-in NAT can not direct any internet coming packet to serment 192.168.10.XXX.
So the simplest way to solve that problem is M3 based computer from router mode to bridge mode.
I try a lot of times, without success. So wland0 and eth0 must bridge traffic and wlan0 must operate as access point using hostapd.
Can not configure such facility...

[oj]

Are you using brctl? Do you have ebtables installed?

[doktor5000]

The simplest solution would be to tell iptables to masquerade packages for that subnet, no?
Check http://www.billauer.co.il/ipmasq-html.html or http://www.ibiblio.org/pub/linux/docs/h ... HOWTO.html

[mackowiakp]

Are you using brctl? Do you have ebtables installed?

I try to use brctl but my PC hangs

So You have log of my session:

Code: Select all

[root@media ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:12:3F:F2:31:65 
          inet addr:192.168.0.7  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::212:3fff:fef2:3165/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:102 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12230 (11.9 KiB)  TX bytes:18892 (18.4 KiB)
          Interrupt:16

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:840 (840.0 b)  TX bytes:840 (840.0 b)

wlan0     Link encap:Ethernet  HWaddr 00:14:A5:04:94:3C 
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@media ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
[root@media ~]# brctl addbr br0
[root@media ~]# ifconfig br0 up
[root@media ~]# ifconfig
br0       Link encap:Ethernet  HWaddr F6:1C:34:F5:5B:0E 
          inet6 addr: fe80::f41c:34ff:fef5:5b0e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:398 (398.0 b)

eth0      Link encap:Ethernet  HWaddr 00:12:3F:F2:31:65 
          inet addr:192.168.0.7  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::212:3fff:fef2:3165/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:466 errors:0 dropped:0 overruns:0 frame:0
          TX packets:425 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:47705 (46.5 KiB)  TX bytes:57848 (56.4 KiB)
          Interrupt:16

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:62 errors:0 dropped:0 overruns:0 frame:0
          TX packets:62 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5355 (5.2 KiB)  TX bytes:5355 (5.2 KiB)

wlan0     Link encap:Ethernet  HWaddr 00:14:A5:04:94:3C 
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@media ~]# ifconfig br0
br0       Link encap:Ethernet  HWaddr F6:1C:34:F5:5B:0E 
          inet6 addr: fe80::f41c:34ff:fef5:5b0e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:468 (468.0 b)

[root@media ~]# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.000000000000       no
[root@media ~]# brctl addif br0 eth0


After the last command Ethernet connection to my computer hangs I want to bridge traffic between eth0 and wlan0 with DHCP and hostapd on wlan0.
Such configuration works for me but as a router.
Can You tell me what I am doing wrong?

[mackowiakp]

The simplest solution would be to tell iptables to masquerade packages for that subnet, no?
Check http://www.billauer.co.il/ipmasq-html.html or http://www.ibiblio.org/pub/linux/docs/h ... HOWTO.html

I did not find easy example how to configure iptables to masquerade in such configuration I want to use. I want to have access to and from internet to second network segment. Can You show me one? Any link? I am not quite good in iptables and masquerade

[doktor5000]

Just showed you two links ...

[mackowiakp]

OK, but i mean about bridgeing not routing with NAT. It is not what i want to have. I want to bridge traffic and after using native tools - like brctl - my PC hangs on Ethernet connection.

[mackowiakp]

Are you using brctl? Do you have ebtables installed?

When I try to add to bridge eth0 interface (and only this one, single interface) the communication over LAN hangs. From my point of view it is a bug. So I report it on bugzilla.

[jiml8]

Pay attention to subnet masks, and make sure the firewall doesn't block this:

Code: Select all

sudo iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to-source 192.168.0.7


Also you certainly should be able to bridge using brctl. Suggest you use tcpdump (for cli) or wireshark (for gui) to view what is happening on the bridge when you try it and it locks the network.

[mackowiakp]

Yep. But I want to bridge traffic, not routing. The code You sent me is about routing/firewalling IP traffic.
And the problem is, that adding single (wired) ethernet interface as the only to new created bridge, hangs ANY trafic on this interface at all. It is not iptables or any other firewall issue. In my meaning it is a bug in brctl and bridge-utils.

[jiml8]

Yep. But I want to bridge traffic, not routing. The code You sent me is about routing/firewalling IP traffic.
And the problem is, that adding single (wired) ethernet interface as the only to new created bridge, hangs ANY trafic on this interface at all. It is not iptables or any other firewall issue. In my meaning it is a bug in brctl and bridge-utils.

That is not a bug. If you only add eth0 to your bridge, you have built a bridge to nowhere...other than the bridge interface itself. Also, when you set up a bridge, you have to put your IP address on the bridge, and not on the interface; the interface is no longer accessible except through the bridge.

If you set up a bridge in this fashion (why??) then if you assign the IP address to the bridge - nominally br0 - your system will work again. If you add wlan0 to the bridge, then the whole thing should work the way you want it to.

[mackowiakp]

OK, now I understand. So I have to (from console) remove eth0 and wlan0 IP related definitions form system and what to do next?

[jiml8]

I have not played with bridges on Mageia very much. But some close variant of this command sequence will work:

Code: Select all

ifconfig eth0 down
ifconfig wlan0 down
brctl addbr br0
brctl addif br0 eth0, wlan0
ifconfig eth0 up
ifconfig wlan0 up
ifconfig br0 192.168.0.7/24
ifconfig br0:1 192.168.10.2/24 (use proper wlan0 address here)


You might want to delete the ifcfg-eth0 and ifcfg-wlan0 files in /etc/sysconfig/network-scripts, depending if you want this to be a permanent setup or not.

[mackowiakp]

THX!! Additionally I found out interesting HOWTO:

https://help.ubuntu.com/community/Netwo ... tionBridge

[mackowiakp]

And one more question. Where to place and how (filenames, subdir) in M3 the bridge definition to start it automatically after reboot?

[jiml8]

The right way would be to create files ifcfg-br0 and ifcfg-br0:1 in /etc/sysconfig, create the script ifcfg-br with the up, down, and status links properly handled in the same directory, and delete the ifcfg-eth0 and ifcfg-wlan0 files in the same directory.

The easy way would be to put a script in /etc/rc.d/init.d that does exactly what you want then symlink it in /etc/rc.d/rcN.d for every runlevel you want it at. The intermediate way would be to figure out how to do it correctly using systemd and put the equivalent script where systemd would use it.

[mackowiakp]

THX once more. But please explain me, why You assign two IP addresses to bridge br0 and br0:1 ? I want to just bridge traffic between eth0 and wlan0 so as I mean (maybe i am wrong) that only one IP address is necessary for such configuration.

[jiml8]

If you want the system doing the bridging to be able to participate in both LANs, you need to give it an address on each LAN. If you only want to bridge but still have internet access, one address is all you need.

[mackowiakp]

OK. I will follow to Your advice's. And may thanks for cooperation.
The interesting think is that it is possible to assign two IP address for bridge, separately for each interface. It means that de facto, bridging is done not from eth0 to wlan0 but eth0<-->loopback<-->wlan0

[mackowiakp]

The problem is solved without positive result. The reason is that my WiFi chipset - BroadCom BCM4318 b43 (brcm80211), is buggy and not correctly support AP feature. Because this chipset is very old, probably appropriate Linux drive never will be fix.

http://blog.gmane.org/gmane.linux.drive ... h=20120501