shell script for setup and management of hotspot (hostapd) functions on rpi platform
functions:
- try
- start
- stop
- restart
- enable
- disable
- retry
- status
- setup
- setchan [channel]
- syslog [lines]
- fwd [wipe|install|list]
- ovpn [start|stop|refresh]
- wg [start|stop|config]
- tor [start|stop]
- version
- wlan [start|stop]
- modpar <dnsmasq|hostapd|self> <name> [value]
- automatic start at boot process by systemd
will use onboard wlan adaptor for hotspot functionality and
the on board ethernet port or an optional external usb wlan adaptor (e.g. EW-7811Un Realtek RTL8188CUS)
for internet access.
best wlan channel for hotspot functionality will be determined automatically by least used frequency spectrum.
support for vpns: wireguard and openvpn
support for tor
create .ovpn config files for free openvpn server taken from https://www.vpngate.net
actions will be logged in syslog
pls. see examples in troubleshooting section.
new hotspot version is using firewalld.
for full installation and setup sequence, pls. see installation and setup section at the bottom of this file
is a small script, that allows to have a jump start with firewalld
rpi login as root required
root:# cd /usr/local/sbin
root:# wget -qN https://raw.githubusercontent.com/rudiratlos/hotspot/master/hotspot
root:# chmod +x hotspot
root:# apt-get update
root:# apt-get upgrade
will install all required packages (e.g. iw tor openvpn wireguard hostapd dnsmasq),
setting parameters and create config files:
- /etc/sysctl.conf (activate line net.ipv4.ip_forward=1)
- /etc/rc.local
- /etc/issues
- /etc/dhcpcd.conf
- /etc/dnsmasq.conf
- /etc/default/hostapd
- /etc/hostapd/hostapd.conf
- /etc/tor/torrc
- /etc/wireguard/
- /etc/openvpn/
Existing files will be backed up with a date extension (YYYYMMDDhhmmss).
hotspot setup
hotspot try
above command sequence will create a hotspot with following default parameter:
ssid: <HOSTNAME>wlan-<MAC3ByteAdr> (e.g. RPIwlan-abcdef)
pwd: hallohallo
country: DE
next commands will create all config files and adjusts parameter to your environment.
hotspot setup
hotspot modpar hostapd ssid myHotspotID
hotspot modpar hostapd wpa_passphrase myHotspotPassword
hotspot modpar hostapd country_code SE
hotspot modpar crda REGDOMAIN SE
hotspot try
before executing hotspot setup command,
you can disable the installation of tor and/or ovpn package by modifying the aptaddinstlist variable.
hotspot modpar self aptaddinstlist "tor" # install tor only
hotspot modpar self aptaddinstlist "openvpn" # install openvpn only
hotspot modpar self aptaddinstlist "wireguard" # install wireguard only
hotspot modpar self aptaddinstlist "tor openvpn wireguard" # install all three (default)
hotspot modpar self aptaddinstlist "" # do not install vpns
enable hotspot service
hotspot will be started by systemd service
control file: /lib/systemd/system/hotspot.service
the service will be started at boot stage where
network interfaces are available.
If autostart variable is set to "yes", hotspot will be tried to start.
Older versions (V0.960), hotspot was started by rc.local
hotspot enable
disable hotspot service
hotspot disable
start all hotspot associated functions:
- terminate connection on wlan0
- create device ap0 and assign IP addr
- start dnsmasq
- start hostapd
hotspot start
will start hotspot if following condition is met:
- wlan0 or eth0 not connected
- wlan0 and eth0 IP addresses are on same IP subnet (wlan0 connection will be stopped)
hotspot try
stop hotspot functions:
- stop hostapd
- stop dnsmasq
- optional: restart wlan
hotspot stop
executes following hotspot sequence:
- hotspot stop nowlan
- sleep some seconds (settling time)
- hotspot start
hotspot restart
executes following hotspot sequence:
- hotspot stop nowlan
- sleep some seconds (settling time)
- hotspot try
hotspot retry
change parameter value in config file
format: hotspot modpar <dnsmasq|hostapd|self> <name> [value]
file selector:
dnsmasq /etc/dnsmasq.conf
hostapd /etc/hostapd/hostapd.conf
self /usr/local/sbin/hotspot
name parameter name
value parameter value
examples:
hotspot modpar hostapd ssid myHotspotID # set parameter ssid=myHotspotID
hotspot modpar hostapd country_code DE # set parameter country_code=DE
During boot process systemd service hotspot.service will look for
file content autostart="yes" in /usr/local/sbin/hotspot and will execute hotspot try command.\
V0.960: This is not needed anymore, use hotspot enable/disable command.
hotspot modpar self autostart yes # enable autostart (default)
hotspot modpar self autostart no # disable autostart
start openvpn automatically
hotspot modpar self ovpnstart yes # enable ovpnstart
hotspot modpar self ovpnstart no # disable ovpnstart (default)
adjust specific openvpn parameter
hotspot modpar self ovpn_dev tun3 # change ovpn device for firewalld
to work correctly, ovpn_dev has to be the same, that is defined in .ovpn config file (parameter dev).
start tor service automatically
hotspot modpar self torstart yes # enable torstart
hotspot modpar self torstart no # disable torstart (default)
start wireguard service automatically
hotspot modpar self wgstart yes # enable wgstart
hotspot modpar self wgstart no # disable wgstart (default)
copy myconfig.ovpn file to /etc/openvpn/myconfig.conf
cp myconfig.ovpn /etc/openvpn/myconfig.conf
hotspot modpar self ovpncfg myconfig
hotspot modpar self ovpnrefreshbeforestart no
hotspot modpar self ovpnstart yes
pls. assure, that the your config file (/etc/openvpn/myconfig.conf) has the extension .conf
and set parameter 'ovpncfg myconfig'
the script will start a service openvpn@myconfig
start, stop openvpn or refresh .ovpn files from vpngate.net experimental
refresh will download the CSV list of free openvpn server and will create .ovpn files.
server from these countries will be used, defined by ovpnsel parameter: AT CH DE ES FR GB JP KR SC TW US
out of these, the server with the highest score is defined in /etc/openvpn/client/vpngate_bestscore.ovpn
and will be copied to /etc/openvpn/hotspot.conf and used as default openvpn config file.
the script will start a service openvpn@hotspot if parameter ovpncfg is set to hotspot
pls. see ovpnstart parameter for automatic starting openvpn and modifying parameter
hotspot modpar self ovpncfg hotspot # set default config name
hotspot ovpn start # start openvpn service
hotspot ovpn stop # stop openvpn service (default)
hotpsot ovpn refresh # recreate .ovpn config files
start or stop tor service experimental
pls. see torstart parameter for automatic starting tor service.
hotspot tor start # start tor service
hotspot tor stop # stop tor service
setup example for wg client, which should connect to remote wireguard server (wg.example.com:51820)
# set default values
hotspot modpar self wg_clientprivkey "uME..EGE=" # [Interface] PrivateKey
hotspot modpar self wg_srvpubkey "URS..PQY=" # [Peer] PublicKey
hotspot modpar self wg_presharedkey "6Oo..qOs=" # [Peer] PresharedKey or leave blank
hotspot modpar self wg_endpoint "wg.example.com:51820" # [Peer] Endpoint
hotspot modpar self wgstart yes # will start wireguard tunnel at startup
hotspot wg config client # create interactively wg config file /etc/wireguard/wg0.conf
hotspot wg start # start wireguard service
hotspot wg stop # stop wireguard service
show hotspot related syslog entries
hotspot syslog
hotspot syslog 5
show hotspot script version
hotspot version
rpi login as root required
root:# cd /usr/local/sbin
root:# cp hotspot hotspot.old # if you want to keep it
root:# rm hotspot # just remove old hotspot script
root:# wget -qN https://raw.githubusercontent.com/rudiratlos/hotspot/master/hotspot
root:# chmod +x hotspot
root:# cp fwd fwd.old # if you want to keep it
root:# wget -qN https://raw.githubusercontent.com/rudiratlos/hotspot/master/fwd
root:# chmod +x fwd
root:# apt-get update
root:# apt-get upgrade # optional
root:# hotspot setup
root:# hotspot modpar hostapd ssid myHotspotID
root:# hotspot modpar hostapd wpa_passphrase myHotspotPassword
root:# hotspot modpar hostapd country_code SE
root:# hotspot modpar crda REGDOMAIN SE
root:# hotspot modpar self autostart yes # optional autostart enable
root:# reboot # if autostart enable or use hotspot try
syslog will be used as log utility
hotspot syslog
tail -500 /var/log/syslog | grep -a "hotspot"
cat /var/log/syslog | grep -a "hotspot"
these commands will show 5 log entries of involved SW packages caused by hotspot command sequence
hotspot syslog 5
tail -500 /var/log/syslog | grep -a -A 5 "hotspot"
cat /var/log/syslog | grep -a -A 5 "hotspot"