interesting
/
linux-router
mirror of https://github.com/garywill/linux-router.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Compare commits

base: interesting:33eedb55c3b6badfaf55d71d6ede5e54e4a7df4a
Branches Tags
interesting:master
interesting:workaround-31
interesting:dev-12
interesting:history
interesting:0.8.1
interesting:0.7.6
interesting:0.7.3
interesting:0.7.1
interesting:0.7.1b
interesting:0.6.7
interesting:0.6.6
interesting:0.6.5
interesting:0.6.2
interesting:0.6.0
..
compare: interesting:c7e789d8c816a5e51b2c1a4a52196419aa6e0577
Branches Tags
interesting:master
interesting:workaround-31
interesting:dev-12
interesting:history
interesting:0.8.1
interesting:0.7.6
interesting:0.7.3
interesting:0.7.1
interesting:0.7.1b
interesting:0.6.7
interesting:0.6.6
interesting:0.6.5
interesting:0.6.2
interesting:0.6.0

16 Commits
33eedb55c3 ... c7e789d8c8

Author SHA1 Message Date
Loki The Great c7e789d8c8
Merge e2b969b68a into cf9bc306c4 2025-08-26 03:36:16 +00:00
garywill cf9bc306c4 version 0.8.0 2025-08-17 16:21:56 +08:00
garywill 3f8415a103 Merge branch 'wifi6' 2025-08-17 12:12:25 +08:00
garywill 7ffd74d4eb fix if interface already in a firewalld zone 2025-08-17 11:08:02 +08:00
garywill 3b036f4781 readme 2025-08-17 11:07:21 +08:00
garywill c6d704e3aa readme 2025-08-17 10:32:48 +08:00
garywill a511219b50 hostapd.conf: separate ieee80211n=1 and ht_capab= 2025-08-17 10:32:48 +08:00
garywill 7ecc846459 alias: --req-wifi4 = --req-ht . Same for wifi5/6 2025-08-17 10:32:48 +08:00
garywill bbb70b99ba update wifi options description 2025-08-17 10:32:48 +08:00
garywill 3ebbf37428 Rename --idle-timeout to --sta-timeout. No default value 2025-08-17 10:32:48 +08:00
garywill 958ebffd7f rename --enable-twt to --p2ptwt 2025-08-17 10:32:48 +08:00
garywill ff15c19383 wifi options sequence 2025-08-17 10:32:48 +08:00
garywill bc8bfb5cab wifi 4~6 options sequence 2025-08-17 10:32:48 +08:00
Phani Pavan K d288b8f0ed bump unstable version 2025-08-16 11:01:12 +08:00
Phani Pavan K 13a1654b91 added p2p twt and idle timeout, remove random spaces 2025-08-16 11:00:30 +08:00
Phani Pavan K a18d4e75a4 add he beamform(er/ee) options 2025-08-16 11:00:27 +08:00
2 changed files with 261 additions and 175 deletions
Show Stats Expand all files Collapse all files

53
README.md
View File

@ -19,13 +19,16 @@ Basic features:
- Specify upstream DNS (kind of a plain DNS proxy) - Specify upstream DNS (kind of a plain DNS proxy)
- IPv6 (behind NATed LAN, like IPv4) - IPv6 (behind NATed LAN, like IPv4)
- Creating WiFi hotspot: - Creating WiFi hotspot:
- Wifi 4/5/6
- 2.4GHz, 5GHz
- Channel selecting - Channel selecting
- Choose encryptions: WPA2/WPA, WPA2, WPA, No encryption - Choose encryptions: WPA2/WPA, WPA2, WPA, No encryption
- Create AP on the same interface you are getting Internet (usually require same channel) - Create AP on the same interface you are getting Internet (usually require same channel)
- Transparent proxy (redsocks) - Transparent proxy (redsocks)
- Transparent DNS proxy (hijack port 53 packets) - Transparent DNS proxy (hijack port 53 packets)
- Detect NetworkManager and make sure it won't interfere (handle interface (un)managed status) - Detect and prevent interference from following Linux system daemons:
- Detect firewalld and make sure it won't interfere our (by using `trusted` zone) - NetworkManager (handle interface (un)managed status)
- firewalld (use temporary `trusted` zone)
- You can run many instances, to create many different networks. Has instances managing feature. - You can run many instances, to create many different networks. Has instances managing feature.
**For many other features, see below [CLI usage](#cli-usage-and-other-features)** **For many other features, see below [CLI usage](#cli-usage-and-other-features)**
@ -381,19 +384,19 @@ Options:
(defaults to /etc/hostapd/hostapd.accept) (defaults to /etc/hostapd/hostapd.accept)
--hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd --hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd
--isolate-clients Disable wifi communication between clients --isolate-clients Disable wifi communication between clients
--sta-timeout <seconds> Timeout to disconnect a no-signal client
--no-haveged Do not run haveged automatically when needed --no-haveged Do not run haveged automatically when needed
--hs20 Enable Hotspot 2.0 --hs20 Enable Hotspot 2.0
WiFi 4 (802.11n) configs: WiFi 4 (802.11n) configs:
--wifi4 Enable IEEE 802.11n (HT) --wifi4 Enable IEEE 802.11n (HT, High Throughput)
--req-ht Require station HT (High Throughput) mode --ht-capab <HT caps> HT capabilities (example: '[HT40+][HT40-]')
--ht-capab <HT caps> HT capabilities (default: [HT40+]) (default: '[HT40+]')
--req-wifi4 Only support Wifi>=4 clients
WiFi 5 (802.11ac) configs:
--wifi5 Enable IEEE 802.11ac (VHT)
--req-vht Require station VHT (Very High Thoughtput) mode
--vht-capab <VHT caps> VHT capabilities
WiFi 5 (802.11ac) configs:
--wifi5 Enable IEEE 802.11ac (VHT, Very High Thoughtput)
--vht-capab <VHT caps> VHT capabilities (example: '[VHT160][RXLDPC]')
--vht-ch-width <index> Index of VHT channel width: --vht-ch-width <index> Index of VHT channel width:
0 for 20MHz or 40MHz (default) 0 for 20MHz or 40MHz (default)
1 for 80MHz 1 for 80MHz
@ -403,9 +406,32 @@ Options:
segment. Use with '--vht-ch-width' segment. Use with '--vht-ch-width'
--vht-seg1-ch <channel> Channel index of VHT center frequency for secondary --vht-seg1-ch <channel> Channel index of VHT center frequency for secondary
(second 80MHz) segment. Use with '--vht-ch-width 3' (second 80MHz) segment. Use with '--vht-ch-width 3'
--req-wifi5 Only support Wifi>=5 clients
WiFi 6 (802.11ax) configs:
--wifi6 Enable IEEE 802.11ax (HE, High Efficiency)
--he-ch-width <index> Index of HE channel width:
0 for 20MHz or 40MHz (default)
1 for 80MHz
2 for 160MHz
3 for 80+80MHz (Non-contigous 160MHz)
--he-seg0-ch <channel> Channel index of HE center frequency for primary
segment. Use with '--he-ch-width'
--he-seg1-ch <channel> Channel index of HE center frequency for secondary
(second 80MHz) segment. Use with '--he-ch-width 3'
--he-su-bfe HE Single User Beamformee support
--he-su-bfr HE Single User Beamformer support
--he-mu-bfr HE Multi User Beamformer support
--req-wifi6 Only support Wifi>=6 clients
--p2ptwt Peer-to-Peer Target Wake Time support
Note: Some cutting-edge Wifi features strongly depends on hostapd built
with specific flags enabled and compatible hardware
Instance managing: Instance managing:
--daemon Run in background --daemon Run in background
--keep-confdir Don't delete the temporary config dir after exit
-l, --list-running Show running instances -l, --list-running Show running instances
--lc, --list-clients <id|interface> --lc, --list-clients <id|interface>
List clients of an instance. Or list neighbors of List clients of an instance. Or list neighbors of
@ -414,11 +440,6 @@ Options:
--stop <id> Stop a running instance --stop <id> Stop a running instance
For <id> you can use PID or subnet interface name. For <id> you can use PID or subnet interface name.
You can get them with '--list-running' You can get them with '--list-running'
Examples:
lnxrouter -i eth1
lnxrouter --ap wlan0 MyAccessPoint -p MyPassPhrase
lnxrouter -i eth1 --tp <transparent-proxy> --dns <dns-proxy>
``` ```
</details> </details>

349
lnxrouter
View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
VERSION=0.8.0-unstable2 VERSION=0.8.0
PROGNAME="$(basename "$0")" PROGNAME="$(basename "$0")"
export LC_ALL=C export LC_ALL=C
@ -101,19 +101,19 @@ Options:
(defaults to /etc/hostapd/hostapd.accept) (defaults to /etc/hostapd/hostapd.accept)
--hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd --hostapd-debug <level> 1 or 2. Passes -d or -dd to hostapd
--isolate-clients Disable wifi communication between clients --isolate-clients Disable wifi communication between clients
--sta-timeout <seconds> Timeout to disconnect a no-signal client
--no-haveged Do not run haveged automatically when needed --no-haveged Do not run haveged automatically when needed
--hs20 Enable Hotspot 2.0 --hs20 Enable Hotspot 2.0
WiFi 4 (802.11n) configs: WiFi 4 (802.11n) configs:
--wifi4 Enable IEEE 802.11n (HT) --wifi4 Enable IEEE 802.11n (HT, High Throughput)
--req-ht Require station HT (High Throughput) mode --ht-capab <HT caps> HT capabilities (example: '[HT40+][HT40-]')
--ht-capab <HT caps> HT capabilities (default: [HT40+]) (default: '[HT40+]')
--req-wifi4 Only support Wifi>=4 clients
WiFi 5 (802.11ac) configs:
--wifi5 Enable IEEE 802.11ac (VHT)
--req-vht Require station VHT (Very High Thoughtput) mode
--vht-capab <VHT caps> VHT capabilities
WiFi 5 (802.11ac) configs:
--wifi5 Enable IEEE 802.11ac (VHT, Very High Thoughtput)
--vht-capab <VHT caps> VHT capabilities (example: '[VHT160][RXLDPC]')
--vht-ch-width <index> Index of VHT channel width: --vht-ch-width <index> Index of VHT channel width:
0 for 20MHz or 40MHz (default) 0 for 20MHz or 40MHz (default)
1 for 80MHz 1 for 80MHz
@ -123,11 +123,10 @@ Options:
segment. Use with '--vht-ch-width' segment. Use with '--vht-ch-width'
--vht-seg1-ch <channel> Channel index of VHT center frequency for secondary --vht-seg1-ch <channel> Channel index of VHT center frequency for secondary
(second 80MHz) segment. Use with '--vht-ch-width 3' (second 80MHz) segment. Use with '--vht-ch-width 3'
--req-wifi5 Only support Wifi>=5 clients
WiFi 6 (802.11ax) configs: WiFi 6 (802.11ax) configs:
--wifi6 Enable IEEE 802.11ax (HE) --wifi6 Enable IEEE 802.11ax (HE, High Efficiency)
--req-he Require station HE (High Efficiency) mode
--he-ch-width <index> Index of HE channel width: --he-ch-width <index> Index of HE channel width:
0 for 20MHz or 40MHz (default) 0 for 20MHz or 40MHz (default)
1 for 80MHz 1 for 80MHz
@ -137,6 +136,14 @@ Options:
segment. Use with '--he-ch-width' segment. Use with '--he-ch-width'
--he-seg1-ch <channel> Channel index of HE center frequency for secondary --he-seg1-ch <channel> Channel index of HE center frequency for secondary
(second 80MHz) segment. Use with '--he-ch-width 3' (second 80MHz) segment. Use with '--he-ch-width 3'
--he-su-bfe HE Single User Beamformee support
--he-su-bfr HE Single User Beamformer support
--he-mu-bfr HE Multi User Beamformer support
--req-wifi6 Only support Wifi>=6 clients
--p2ptwt Peer-to-Peer Target Wake Time support
Note: Some cutting-edge Wifi features strongly depends on hostapd built
with specific flags enabled and compatible hardware
Instance managing: Instance managing:
--daemon Run in background --daemon Run in background
@ -209,20 +216,6 @@ define_global_variables(){
WPA_VERSION=2 WPA_VERSION=2
MAC_FILTER=0 MAC_FILTER=0
MAC_FILTER_ACCEPT=/etc/hostapd/hostapd.accept MAC_FILTER_ACCEPT=/etc/hostapd/hostapd.accept
IEEE80211N=0
REQUIREHT=0
IEEE80211AC=0
REQUIREVHT=0
IEEE80211AX=0
REQUIREHE=0
HT_CAPAB='[HT40+]'
VHT_CAPAB=
VHTCHANNELWIDTH=0
VHTSEG0CHINDEX=0
VHTSEG1CHINDEX=0
HECHANNELWIDTH=0
HESEG0CHINDEX=0
HESEG1CHINDEX=0
DRIVER=nl80211 DRIVER=nl80211
NO_VIRT=0 # not use virtual interface NO_VIRT=0 # not use virtual interface
COUNTRY= COUNTRY=
@ -232,6 +225,29 @@ define_global_variables(){
USE_PSK=0 USE_PSK=0
ISOLATE_CLIENTS=0 ISOLATE_CLIENTS=0
QR=0 # show wifi qr QR=0 # show wifi qr
STATIMEOUT=
#wifi4
IEEE80211N=0
REQUIREHT=0
HT_CAPAB='[HT40+]'
#wifi5
IEEE80211AC=0
REQUIREVHT=0
VHT_CAPAB=
VHTCHANNELWIDTH=0
VHTSEG0CHINDEX=0
VHTSEG1CHINDEX=0
#wifi6
IEEE80211AX=0
REQUIREHE=0
HECHANNELWIDTH=0
HESEG0CHINDEX=0
HESEG1CHINDEX=0
HESUBFE=0
HESUBFR=0
HEMUBFR=0
P2PTWT=0
# script variables # script variables
PHY= PHY=
@ -252,6 +268,7 @@ define_global_variables(){
NM_UNM_LIST= # it's called "list" but for now one interface NM_UNM_LIST= # it's called "list" but for now one interface
NM_PID= NM_PID=
FIREWALLD_PID= FIREWALLD_PID=
OLD_FIREWALLD_ZONE=
TMP_FIREWALLD_ZONE= TMP_FIREWALLD_ZONE=
KEEP_CONFDIR= KEEP_CONFDIR=
} }
@ -291,8 +308,6 @@ parse_user_options(){
SHARE_METHOD=redsocks SHARE_METHOD=redsocks
shift shift
;; ;;
-g) -g)
shift shift
GATEWAY4="$1" GATEWAY4="$1"
@ -321,7 +336,6 @@ parse_user_options(){
shift shift
MAC_USE_RANDOM=1 MAC_USE_RANDOM=1
;; ;;
--dns) --dns)
shift shift
DNS="$1" DNS="$1"
@ -371,12 +385,11 @@ parse_user_options(){
shift shift
DNS_NOCACHE=1 DNS_NOCACHE=1
;; ;;
--isolate-clients) --isolate-clients)
shift shift
ISOLATE_CLIENTS=1 ISOLATE_CLIENTS=1
;; ;;
# wifi ap
--ap) --ap)
shift shift
WIFI_IFACE="$1" WIFI_IFACE="$1"
@ -393,8 +406,6 @@ parse_user_options(){
shift shift
QR=1 QR=1
;; ;;
--hidden) --hidden)
shift shift
HIDDEN=1 HIDDEN=1
@ -408,7 +419,6 @@ parse_user_options(){
MAC_FILTER_ACCEPT="$1" MAC_FILTER_ACCEPT="$1"
shift shift
;; ;;
-c) -c)
shift shift
CHANNEL="$1" CHANNEL="$1"
@ -424,69 +434,9 @@ parse_user_options(){
[[ "$WPA_VERSION" == "2+1" ]] && WPA_VERSION=1+2 [[ "$WPA_VERSION" == "2+1" ]] && WPA_VERSION=1+2
shift shift
;; ;;
--sta-timeout)
--wifi4|--ieee80211n)
shift shift
IEEE80211N=1 STATIMEOUT="$1"
;;
--req-ht|--require-ht)
shift
REQUIREHT=1
;;
--wifi5|--ieee80211ac)
shift
IEEE80211AC=1
;;
--wifi6|--ieee80211ax)
shift
IEEE80211AX=1
;;
--req-he|--require-he)
shift
REQUIREHE=1
;;
--req-vht|--require-vht)
shift
REQUIREVHT=1
;;
--ht-capab)
shift
HT_CAPAB="$1"
shift
;;
--vht-capab)
shift
VHT_CAPAB="$1"
shift
;;
--vht-ch-width|--vht-channel-width)
shift
VHTCHANNELWIDTH="$1"
shift
;;
--vht-seg0-ch|--vht-seg0-channel)
shift
VHTSEG0CHINDEX="$1"
shift
;;
--vht-seg1-ch|--vht-seg1-channel)
shift
VHTSEG1CHINDEX="$1"
shift
;;
--he-ch-width|--he-channel-width)
shift
HECHANNELWIDTH="$1"
shift
;;
--he-seg0-ch|--he-seg0-channel)
shift
HESEG0CHINDEX="$1"
shift
;;
--he-seg1-ch|--he-seg1-channel)
shift
HESEG1CHINDEX="$1"
shift shift
;; ;;
--driver) --driver)
@ -503,7 +453,6 @@ parse_user_options(){
VIRT_NAME="$1" VIRT_NAME="$1"
shift shift
;; ;;
--country) --country)
shift shift
COUNTRY="$1" COUNTRY="$1"
@ -534,7 +483,90 @@ parse_user_options(){
shift shift
USE_PSK=1 USE_PSK=1
;; ;;
# wifi 4
--wifi4|--ieee80211n)
shift
IEEE80211N=1
;;
--req-wifi4|--req-ht|--require-ht)
shift
REQUIREHT=1
;;
--ht-capab)
shift
HT_CAPAB="$1"
shift
;;
# wifi 5
--wifi5|--ieee80211ac)
shift
IEEE80211AC=1
;;
--req-wifi5|--req-vht|--require-vht)
shift
REQUIREVHT=1
;;
--vht-capab)
shift
VHT_CAPAB="$1"
shift
;;
--vht-ch-width|--vht-channel-width)
shift
VHTCHANNELWIDTH="$1"
shift
;;
--vht-seg0-ch|--vht-seg0-channel)
shift
VHTSEG0CHINDEX="$1"
shift
;;
--vht-seg1-ch|--vht-seg1-channel)
shift
VHTSEG1CHINDEX="$1"
shift
;;
# wifi 6
--wifi6|--ieee80211ax)
shift
IEEE80211AX=1
;;
--req-wifi6|--req-he|--require-he)
shift
REQUIREHE=1
;;
--he-ch-width|--he-channel-width)
shift
HECHANNELWIDTH="$1"
shift
;;
--he-seg0-ch|--he-seg0-channel)
shift
HESEG0CHINDEX="$1"
shift
;;
--he-seg1-ch|--he-seg1-channel)
shift
HESEG1CHINDEX="$1"
shift
;;
--he-su-bfe)
shift
HESUBFE=1
;;
--he-su-bfr)
shift
HESUBFR=1
;;
--he-mu-bfr)
shift
HEMUBFR=1
;;
--p2ptwt)
shift
P2PTWT=1
;;
# instance managing
--daemon) --daemon)
shift shift
DAEMONIZE=1 DAEMONIZE=1
@ -557,7 +589,6 @@ parse_user_options(){
shift shift
KEEP_CONFDIR=1 KEEP_CONFDIR=1
;; ;;
*) *)
echo "Invalid parameter: $1" 1>&2 echo "Invalid parameter: $1" 1>&2
exit 1 exit 1
@ -778,7 +809,7 @@ show_interface_pci_info() { # pci id / model / virtual
[[ -n "$driver" ]] && echo "System-already-loaded driver: $driver" [[ -n "$driver" ]] && echo "System-already-loaded driver: $driver"
[[ -n "$device_fullname" ]] && echo "$device_fullname" [[ -n "$device_fullname" ]] && echo "$device_fullname"
echo "" echo ""
# TODO usb # TODO Fix pci and usb devices
} }
alloc_new_vface_name() { # only for wifi alloc_new_vface_name() { # only for wifi
@ -1006,18 +1037,28 @@ is_firewalld_running() {
FIREWALLD_PID= # cancel value if treat as not running FIREWALLD_PID= # cancel value if treat as not running
return 1 # not running return 1 # not running
} }
firewalld_add_tmpzone() { firewalld_addto_tmptrustedzone() {
# TMP_FIREWALLD_ZONE="lrt${$}${SUBNET_IFACE}" OLD_FIREWALLD_ZONE="$(firewall-cmd --get-zone-of-interface=$SUBNET_IFACE 2>/dev/null)"
TMP_FIREWALLD_ZONE="trusted" [[ "$OLD_FIREWALLD_ZONE" == 'trusted' ]] && return
# firewall-cmd --new-zone=$TMP_FIREWALLD_ZONE || die "Failed creating temporary firewalld zone"
TMP_FIREWALLD_ZONE="trusted" # need subnet interface into this zone during linux-router working
if [[ -n "$OLD_FIREWALLD_ZONE" ]]; then
echo "Getting $SUBNET_IFACE out from firewalld zone '$OLD_FIREWALLD_ZONE' ..."
firewall-cmd --zone=$OLD_FIREWALLD_ZONE --remove-interface=$SUBNET_IFACE >/dev/null || die "Failed removing $SUBNET_IFACE from firewalld '$OLD_FIREWALLD_ZONE' zone"
fi
echo "Adding $SUBNET_IFACE to firewalld '$TMP_FIREWALLD_ZONE' zone" echo "Adding $SUBNET_IFACE to firewalld '$TMP_FIREWALLD_ZONE' zone"
firewall-cmd --zone=$TMP_FIREWALLD_ZONE --add-interface=$SUBNET_IFACE >/dev/null || die "Failed adding interface to firewalld temporary zone" firewall-cmd --zone=$TMP_FIREWALLD_ZONE --add-interface=$SUBNET_IFACE >/dev/null || die "Failed adding interface to firewalld temporary '$TMP_FIREWALLD_ZONE' zone"
} }
firewalld_del_tmpzone() { firewalld_restoreoldzone() {
if [[ -n "$TMP_FIREWALLD_ZONE" ]];then if [[ -n "$TMP_FIREWALLD_ZONE" ]];then
echo "Removing $SUBNET_IFACE from firewalld '$TMP_FIREWALLD_ZONE' zone" echo "Removing $SUBNET_IFACE from firewalld '$TMP_FIREWALLD_ZONE' zone"
firewall-cmd --zone=$TMP_FIREWALLD_ZONE --remove-interface=$SUBNET_IFACE >/dev/null firewall-cmd --zone=$TMP_FIREWALLD_ZONE --remove-interface=$SUBNET_IFACE >/dev/null
# firewall-cmd --delete-zone=$TMP_FIREWALLD_ZONE
if [[ -n "$OLD_FIREWALLD_ZONE" ]]; then
echo "Restoring $SUBNET_IFACE to firewalld '$OLD_FIREWALLD_ZONE' zone"
firewall-cmd --zone=$OLD_FIREWALLD_ZONE --add-interface=$SUBNET_IFACE >/dev/null
fi
fi fi
} }
@ -1394,7 +1435,7 @@ _cleanup() {
ip link set down dev "${SUBNET_IFACE}" ip link set down dev "${SUBNET_IFACE}"
firewalld_del_tmpzone firewalld_restoreoldzone
if [[ $VWIFI_IFACE ]]; then # the subnet interface (virtual wifi interface) will be removed if [[ $VWIFI_IFACE ]]; then # the subnet interface (virtual wifi interface) will be removed
iw dev "${VWIFI_IFACE}" del iw dev "${VWIFI_IFACE}" del
@ -1983,21 +2024,46 @@ write_hostapd_conf() {
EOF EOF
fi fi
if [[ -n "$PASSPHRASE" ]]; then
[[ "$WPA_VERSION" == "1+2" ]] && WPA_VERSION=3
if [[ $USE_PSK -eq 0 ]]; then
WPA_KEY_TYPE=passphrase
else
WPA_KEY_TYPE=psk
fi
cat <<- EOF >> "$CONFDIR/hostapd.conf"
wpa=${WPA_VERSION}
wpa_${WPA_KEY_TYPE}=${PASSPHRASE}
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP
EOF
else
echo "WARN: WiFi is not protected by password" >&2
fi
if [[ $HOTSPOT20 -eq 1 ]]; then if [[ $HOTSPOT20 -eq 1 ]]; then
echo "hs20=1" >> "$CONFDIR/hostapd.conf" echo "hs20=1" >> "$CONFDIR/hostapd.conf"
fi fi
if [[ -n "$STATIMEOUT" ]]; then
echo "ap_max_inactivity=${STATIMEOUT}" >> "$CONFDIR/hostapd.conf"
fi
# wifi4 -----------------
if [[ $IEEE80211N -eq 1 ]]; then if [[ $IEEE80211N -eq 1 ]]; then
cat <<- EOF >> "$CONFDIR/hostapd.conf" echo "ieee80211n=1" >> "$CONFDIR/hostapd.conf"
ieee80211n=1 fi
ht_capab=${HT_CAPAB}
EOF if [[ -n "$HT_CAPAB" ]]; then
echo "ht_capab=${HT_CAPAB}" >> "$CONFDIR/hostapd.conf"
fi fi
if [[ $REQUIREHT -eq 1 ]]; then if [[ $REQUIREHT -eq 1 ]]; then
echo "require_ht=1" >> "$CONFDIR/hostapd.conf" echo "require_ht=1" >> "$CONFDIR/hostapd.conf"
fi fi
# wifi5 -----------------
if [[ $IEEE80211AC -eq 1 ]]; then if [[ $IEEE80211AC -eq 1 ]]; then
echo "ieee80211ac=1" >> "$CONFDIR/hostapd.conf" echo "ieee80211ac=1" >> "$CONFDIR/hostapd.conf"
fi fi
@ -2006,16 +2072,6 @@ write_hostapd_conf() {
echo "require_vht=1" >> "$CONFDIR/hostapd.conf" echo "require_vht=1" >> "$CONFDIR/hostapd.conf"
fi fi
if [[ $IEEE80211AX -eq 1 ]]; then
echo "ieee80211ax=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $REQUIREHE -eq 1 ]]; then
echo "require_he=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ -n "$VHT_CAPAB" ]]; then if [[ -n "$VHT_CAPAB" ]]; then
echo "vht_capab=${VHT_CAPAB}" >> "$CONFDIR/hostapd.conf" echo "vht_capab=${VHT_CAPAB}" >> "$CONFDIR/hostapd.conf"
fi fi
@ -2038,6 +2094,27 @@ write_hostapd_conf() {
EOF EOF
fi fi
# wifi6 -----------------
if [[ $IEEE80211AX -eq 1 ]]; then
echo "ieee80211ax=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $REQUIREHE -eq 1 ]]; then
echo "require_he=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $HESUBFE -eq 1 ]]; then
echo "he_su_beamformee=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $HESUBFR -eq 1 ]]; then
echo "he_su_beamformer=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $HEMUBFR -eq 1 ]]; then
echo "he_mu_beamformer=1" >> "$CONFDIR/hostapd.conf"
fi
if [[ $HECHANNELWIDTH -gt 0 ]]; then if [[ $HECHANNELWIDTH -gt 0 ]]; then
cat <<- EOF >> "$CONFDIR/hostapd.conf" cat <<- EOF >> "$CONFDIR/hostapd.conf"
he_oper_chwidth=${HECHANNELWIDTH} he_oper_chwidth=${HECHANNELWIDTH}
@ -2056,27 +2133,15 @@ write_hostapd_conf() {
EOF EOF
fi fi
if [[ $P2PTWT -eq 1 ]]; then
echo "peer_to_peer_twt=1" >> "$CONFDIR/hostapd.conf"
fi
# -----------------
if [[ $IEEE80211N -eq 1 ]] || [[ $IEEE80211AC -eq 1 ]] || [[ $IEEE80211AX -eq 1 ]]; then if [[ $IEEE80211N -eq 1 ]] || [[ $IEEE80211AC -eq 1 ]] || [[ $IEEE80211AX -eq 1 ]]; then
echo "wmm_enabled=1" >> "$CONFDIR/hostapd.conf" echo "wmm_enabled=1" >> "$CONFDIR/hostapd.conf"
fi fi
if [[ -n "$PASSPHRASE" ]]; then
[[ "$WPA_VERSION" == "1+2" ]] && WPA_VERSION=3
if [[ $USE_PSK -eq 0 ]]; then
WPA_KEY_TYPE=passphrase
else
WPA_KEY_TYPE=psk
fi
cat <<- EOF >> "$CONFDIR/hostapd.conf"
wpa=${WPA_VERSION}
wpa_${WPA_KEY_TYPE}=${PASSPHRASE}
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP
EOF
else
echo "WARN: WiFi is not protected by password" >&2
fi
chmod 600 "$CONFDIR/hostapd.conf" chmod 600 "$CONFDIR/hostapd.conf"
} }
@ -2424,7 +2489,7 @@ fi
echo "" echo ""
is_firewalld_running && firewalld_add_tmpzone is_firewalld_running && firewalld_addto_tmptrustedzone
echo echo