Open : AP-STA using mac80211_hwsim

STA : Remove old packages

$ cd $HOME

$ rm -rf hostap* wpa_supp*

AP : Remove old packages

$ cd $HOME

$ rm -rf hostap* wpa_supp*

STA : Download wpa_supplicant

$ wget https://w1.fi/releases/wpa_supplicant-2.9.tar.gz

Note

Make sure the laptop has Internet access to download the supplicant package

AP : Download hostapd

$ wget https://w1.fi/releases/hostapd-2.9.tar.gz

Note

Make sure the laptop has Internet access to download the hostapd package

Note

Download both tarballs over https, not http, and without sudo: root-owned tarballs and source trees make the later cp defconfig .config and make steps fail with permission errors when run as your normal user. w1.fi also publishes a detached PGP signature (.asc) next to each release tarball; verify it before building code you are about to run as root.

Load mac80211_hwsim driver with 4 wireless radios

$ sudo modprobe mac80211_hwsim radios=4

Attention

This simulates Wi-Fi radios for testing only; nothing is transmitted over the air!

Loading the driver creates four wireless interfaces, wlan0, wlan1, wlan2 and wlan3, by default. If a real adapter on the laptop already owns a wlanN name, the simulated interfaces are numbered after it; use iw dev to map each interface to its phy before choosing which one plays AP, STA and sniffer.

$ sudo iwconfig 
wlan0     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          
wlan1     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

wlan2     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

wlan3     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

Note

Note that 4 Wi-Fi simulated radios are created

Install libraries

$ sudo apt install libnl-genl-3-dev libnl-3-dev libdbus-glib-1-dev

Note

Make sure the laptop has Internet access to download the libraries

Stop ongoing wireless activities

$ sudo killall wpa_supplicant

$ sudo killall wpa_cli

$ sudo killall hostapd

$ sudo killall hostapd_cli

$ sudo killall dhclient

$ sudo /etc/init.d/network-manager stop
Stopping network-manager (via systemctl): network-manager.service.

$ sudo rfkill list all
0: hci0: Bluetooth
	Soft blocked: no
	Hard blocked: no
1: dell-wifi: Wireless LAN
	Soft blocked: no
	Hard blocked: no
2: dell-bluetooth: Bluetooth
	Soft blocked: no
	Hard blocked: no
3: phy0: Wireless LAN
	Soft blocked: no
	Hard blocked: no
4: phy1: Wireless LAN
	Soft blocked: no
	Hard blocked: no
5: phy2: Wireless LAN
	Soft blocked: no
	Hard blocked: no

$ sudo rfkill unblock all
$ sudo ifconfig wlan1 up
$ sudo ifconfig wlan0 up

Warning

Internet access is cut off after this, because NetworkManager no longer manages the real adapter!

STA : Wireless interface status before connection

$ sudo iwconfig wlan1
wlan1     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

Note

wlan1 is the name of the wireless interface used for the STA

STA : ifconfig interface status before connection

$ sudo ifconfig wlan1
wlan1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 02:00:00:00:01:00  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

AP : Wireless interface status before connection

$ sudo iwconfig wlan0
wlan0     IEEE 802.11  ESSID:off/any  
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

Note

wlan0 is the name of the wireless interface used for the AP

AP : ifconfig interface status before connection

$ sudo ifconfig wlan0
wlan0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 02:00:00:00:00:00  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

STA : Extract wpa_supplicant

$ tar -xzvf wpa_supplicant-2.9.tar.gz

Note

tar -xzvf extracts the gzip-compressed supplicant tarball (a modern GNU tar also detects the compression without -z). Extract as your normal user, not with sudo, so that the build steps that follow can write into the tree.

AP : Extract hostapd

$ tar -xzvf hostapd-2.9.tar.gz

Note

tar -xzvf extracts the gzip-compressed hostapd tarball

STA : Compile wpa_supplicant

$ cd wpa_supplicant-2.9/wpa_supplicant

$ cp defconfig .config

$ make

Note

A .config file is required before make will compile the supplicant; defconfig is the upstream default feature set

AP : Compile hostapd

$ cd hostapd-2.9/hostapd

$ cp defconfig .config

$ make

Note

A .config file is required before make will compile hostapd; defconfig is the upstream default feature set

STA : Create run_supplicant.conf

$ sudo vim ./run_supplicant.conf

ctrl_interface=/run/wpa_supplicant
update_config=1

network={
	ssid="test_open"
	key_mgmt=NONE
}

Note

ssid in ./run_supplicant.conf should match ssid in ./run_hostapd.conf

AP : Create run_hostapd.conf

$ sudo vim ./run_hostapd.conf

ctrl_interface=/run/hostapd
interface=wlan0
driver=nl80211
ssid=test_open
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0

Note

ssid in ./run_hostapd.conf is the network name clients use when connecting to the AP

Note

key_mgmt=NONE on the STA and the absence of any wpa= line on the AP make this an open network: auth_algs=1 permits only open-system authentication, macaddr_acl=0 accepts any MAC not on a deny list, and no key is ever derived, so the STA cannot verify it is talking to the real AP and every data frame crosses the link unencrypted. Keep it for the isolated hwsim test it is meant for.

Let us start a sniffer to capture all packets between STA and AP

$ sudo iw dev wlan3 set type monitor

$ sudo ifconfig wlan3 up

$ sudo iw dev wlan3 set channel 6

$ sudo iwconfig wlan3
wlan3     IEEE 802.11  Mode:Monitor  Frequency:2.437 GHz  Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

$ sudo iw dev 
phy#4
	Interface wlan3
		ifindex 7
		wdev 0x400000001
		addr 02:00:00:00:03:00
		type monitor
		channel 6 (2437 MHz), width: 20 MHz (no HT), center1: 2437 MHz
		txpower 20.00 dBm

$ sudo apt-get install wireshark

$ sudo wireshark

Note

wlan3 must sit on the same channel as the AP (channel 6, 2437 MHz) or it will not see the AP's beacons or the STA's frames. Because the network is open, the data frames captured here carry their payload in the clear. Wireshark itself warns against running as root; on Debian/Ubuntu, add your user to the wireshark group (dpkg-reconfigure wireshark-common) and start it unprivileged, or capture with tcpdump -i wlan3 -w open.pcap and open the file afterwards.

STA : Run wpa_supplicant

$ sudo ./wpa_supplicant -Dnl80211 -i wlan1 -c ./run_supplicant.conf

Successfully initialized wpa_supplicant
wlan1: SME: Trying to authenticate with 02:00:00:00:00:00 (SSID='test_open' freq=2437 MHz)
wlan1: Trying to associate with 02:00:00:00:00:00 (SSID='test_open' freq=2437 MHz)
wlan1: Associated with 02:00:00:00:00:00
wlan1: CTRL-EVENT-CONNECTED - Connection to 02:00:00:00:00:00 completed [id=0 id_str=]
wlan1: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0

Note

CTRL-EVENT-CONNECTED indicates successful connection to the AP. If the supplicant is started before hostapd, it keeps scanning and connects as soon as the AP comes up.

AP : Run hostapd

$ sudo ./hostapd ./run_hostapd.conf

Configuration file: ./run_hostapd.conf
Using interface wlan0 with hwaddr 02:00:00:00:00:00 and ssid "test_open"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: authenticated
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 02:00:00:00:01:00
wlan0: STA 02:00:00:00:01:00 RADIUS: starting accounting session C449579BCDA93EF3

Note

AP-STA-CONNECTED indicates successful connection of the STA. There are no EAPOL or 4-way handshake lines between "associated" and AP-STA-CONNECTED: with no wpa= setting, the station is authorized immediately after open-system authentication and association.

STA : Check ps status and confirm wpa_supplicant process is running

$ ps -N | grep -i wpa
  36164 pts/2    00:00:00 wpa_supplicant

AP : Check ps status and confirm hostapd process is running

$ ps -N | grep -i hostapd
  36261 pts/3    00:00:00 hostapd

STA : Check connection status using wpa_cli

$ sudo ./wpa_cli -i wlan1
> status
bssid=02:00:00:00:00:00
freq=2437
ssid=test_open
id=1
mode=station
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=NONE
wpa_state=COMPLETED
address=02:00:00:00:01:00
uuid=e22ecb71-2706-5c5b-9521-e1cd7dbf8e11

Note

wpa_state=COMPLETED indicates successful connection (check the output of status). pairwise_cipher=NONE and group_cipher=NONE confirm that this open link carries no encryption at all.

AP : Check connection status using hostapd_cli

$ sudo ./hostapd_cli -i wlan0
hostapd_cli v2.9
Copyright (c) 2004-2019, Jouni Malinen <j@w1.fi> and contributors

This software may be distributed under the terms of the BSD license.
See README for more details.

Interactive mode

> status
state=ENABLED
phy=phy1
freq=2437
num_sta_non_erp=0
num_sta_no_short_slot_time=0
num_sta_no_short_preamble=0
olbc=0
num_sta_ht_no_gf=0
num_sta_no_ht=0
num_sta_ht_20_mhz=0
num_sta_ht40_intolerant=0
olbc_ht=0
ht_op_mode=0x0
cac_time_seconds=0
cac_time_left_seconds=N/A
channel=6
secondary_channel=0
ieee80211n=0
ieee80211ac=0
ieee80211ax=0
beacon_int=100
dtim_period=2
supported_rates=02 04 0b 16 0c 12 18 24 30 48 60 6c
max_txpower=20
bss[0]=wlan0
bssid[0]=02:00:00:00:00:00
ssid[0]=test_open
num_sta[0]=1
>
>
> all_sta
02:00:00:00:01:00
flags=[AUTH][ASSOC][AUTHORIZED][SHORT_PREAMBLE]
aid=1
capability=0x421
listen_interval=5
supported_rates=02 04 0b 16 0c 12 18 24 30 48 60 6c
timeout_next=NULLFUNC POLL
rx_packets=8
tx_packets=4
rx_bytes=550
tx_bytes=252
inactive_msec=12976
signal=-30
rx_rate_info=20
tx_rate_info=10
connected_time=75
supp_op_classes=5151525354737475767778797a7b7c7d7e7f808182
ext_capab=0400400001000040

Note

aid=1 is the association ID assigned to the connected station, and the [AUTHORIZED] flag shows the AP is already forwarding its data frames (check the output of all_sta). num_sta[0]=1 in status counts the same station.

STA : Wireless interface status after connection

$ sudo iwconfig 
wlan1     IEEE 802.11  ESSID:"test_open"  
          Mode:Managed  Frequency:2.437 GHz  Access Point: 02:00:00:00:00:00   
          Bit Rate:54 Mb/s   Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          Link Quality=70/70  Signal level=-30 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

$ sudo iw dev
phy#2
	Interface wlan1
		ifindex 6
		wdev 0x200000001
		addr 02:00:00:00:01:00
		ssid test_open
		type managed
		channel 6 (2437 MHz), width: 20 MHz (no HT), center1: 2437 MHz
		txpower 20.00 dBm

Note

The ESSID field in iwconfig should show the SSID of the access point, and Access Point should show the AP's BSSID 02:00:00:00:00:00

AP : Wireless interface status after connection

$ sudo iwconfig 
wlan0     IEEE 802.11  Mode:Master  Tx-Power=20 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on

$ sudo iw dev
phy#1
	Interface wlan0
		ifindex 5
		wdev 0x100000001
		addr 02:00:00:00:00:00
		ssid test_open
		type AP
		channel 6 (2437 MHz), width: 20 MHz (no HT), center1: 2437 MHz
		txpower 20.00 dBm

Note

The Mode field in iwconfig should show Master (iw dev reports the same interface as type AP)
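The whole procedure above, from writing the two config files to checking the association on both sides, as a single script. This is an added example, not code from the original page or from the hostapd/wpa_supplicant project. It assumes hostapd 2.9 and wpa_supplicant 2.9 are already built under $HOME as in the compile step, keeps the page's roles (wlan0 = AP, wlan1 = STA, SSID test_open), and uses /tmp/hwsim-open as an assumed scratch directory; all of these can be overridden through the environment variables at the top. Rather than reading the hostapd and wpa_supplicant logs by eye, it polls wpa_cli for wpa_state=COMPLETED and then requires hostapd_cli all_sta to list the STA's MAC with the [AUTHORIZED] flag, the two checks the notes above describe.

```shell
#!/bin/sh
# Added example (not from the original page or the hostapd/wpa_supplicant
# projects): bring up the open AP/STA pair on mac80211_hwsim and verify the
# association from both sides. Assumed: hostapd 2.9 and wpa_supplicant 2.9
# are built under $HOME as on the page; interface names, SSID and the work
# directory below are assumptions, override them via the environment.
# Usage (as root, after modprobe/rfkill as on the page): ./hwsim_open.sh run
set -eu

AP_IF=${AP_IF:-wlan0}
STA_IF=${STA_IF:-wlan1}
SSID=${SSID:-test_open}
HOSTAPD_DIR=${HOSTAPD_DIR:-${HOME:-.}/hostapd-2.9/hostapd}
WPAS_DIR=${WPAS_DIR:-${HOME:-.}/wpa_supplicant-2.9/wpa_supplicant}
WORK=${WORK:-/tmp/hwsim-open}   # assumed scratch dir for configs and pid files

# Print the value of key $1 from "key=value" output read on stdin (the format
# of `wpa_cli status` and `hostapd_cli status`); prints nothing if absent.
status_field() {
    awk -F= -v k="$1" '$1 == k { print $2; exit }'
}

# Succeed only if `hostapd_cli all_sta` output on stdin lists MAC $1 with the
# [AUTHORIZED] flag, i.e. the AP has really opened the port for that station
# (AUTH/ASSOC alone are not enough). The MAC is the line before the flags.
ap_sta_authorized() {
    awk -v mac="$1" '
        length($0) == 17 && $0 ~ /^[0-9a-f:]+$/ { cur = $0; next }
        /^flags=/ && cur == mac && index($0, "[AUTHORIZED]") { found = 1 }
        END { exit found ? 0 : 1 }'
}

# Write the same two configuration files as the page into $WORK.
write_configs() {
    mkdir -p "$WORK"
    cat > "$WORK/run_hostapd.conf" <<EOF
ctrl_interface=/run/hostapd
interface=$AP_IF
driver=nl80211
ssid=$SSID
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
EOF
    cat > "$WORK/run_supplicant.conf" <<EOF
ctrl_interface=/run/wpa_supplicant
network={
	ssid="$SSID"
	key_mgmt=NONE
}
EOF
}

main() {
    write_configs
    modprobe mac80211_hwsim radios=4 || true   # no-op if already loaded
    rfkill unblock all
    ip link set "$AP_IF" up
    ip link set "$STA_IF" up
    # -B daemonizes, -P records the pid so the pair can be torn down later.
    "$HOSTAPD_DIR/hostapd" -B -P "$WORK/hostapd.pid" "$WORK/run_hostapd.conf"
    "$WPAS_DIR/wpa_supplicant" -B -P "$WORK/wpas.pid" -Dnl80211 -i "$STA_IF" -c "$WORK/run_supplicant.conf"

    # STA side: wait up to 20 s for wpa_state=COMPLETED.
    state=; i=0
    while [ "$i" -lt 20 ]; do
        state=$("$WPAS_DIR/wpa_cli" -p /run/wpa_supplicant -i "$STA_IF" status 2>/dev/null | status_field wpa_state)
        [ "$state" = COMPLETED ] && break
        i=$((i + 1)); sleep 1
    done
    [ "$state" = COMPLETED ] || { echo "STA never reached COMPLETED (last state: '$state')" >&2; exit 1; }

    # AP side: the STA's MAC must be listed as AUTHORIZED, not merely associated.
    sta_mac=$(cat "/sys/class/net/$STA_IF/address")
    "$HOSTAPD_DIR/hostapd_cli" -p /run/hostapd -i "$AP_IF" all_sta | ap_sta_authorized "$sta_mac" \
        || { echo "AP does not list $sta_mac as AUTHORIZED" >&2; exit 1; }

    # Spell out what "open" means before anything is sent over this link.
    cipher=$("$WPAS_DIR/wpa_cli" -p /run/wpa_supplicant -i "$STA_IF" status | status_field pairwise_cipher)
    echo "STA $sta_mac connected to '$SSID', pairwise_cipher=$cipher: no encryption, a sniffer on wlan3 sees payloads in the clear"
}

# Only act when explicitly asked, so the helpers can be sourced and tested offline.
if [ "${1:-}" = run ]; then main; fi
```

Run it as root with the argument run; without it the script only defines the functions, so status_field and ap_sta_authorized can be exercised on saved wpa_cli and hostapd_cli output. Tear the pair down with kill $(cat /tmp/hwsim-open/wpas.pid) $(cat /tmp/hwsim-open/hostapd.pid). The -p options pass the ctrl_interface directories from the configs explicitly so the checks do not depend on the cli tools' compiled-in defaults.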