Friday, November 16, 2012

Creating Software Access Point like Connectify for Windows [hostapd + dnsmasq]

Android phones can't connect to Adhoc connections bu default. They need to be rooted and the default wpa_supplicant binary has to be replaced by a custom binary.

Linux seems to miss a "Connectify for Linux" but creating a software access point isn't that difficult.

This post is stolen from here  and only contains the part which is important without overflowing the reader with the details.

First install the two packages, hostapd & dnsmasq.
Ensure that your hostapd.conf looks similar to this.
ssid=shadyabhi's ThinkpadX220
max_num_sta=255 # max number of clients
wpa=2           # use WPA2
wpa_pairwise=TKIP CCMP
Uncomment the line conf-dir=/etc/dnsmasq.d in /etc/dnsmasq.conf that includes all the conf files from /etc/dnsmasq.d/. Create a file /etc/dnsmasq.d/dhcpd (create the folder if required) with the following contents.
Some final steps include giving ip to wlan0, enabling IP forwarding & adding a masquerade rule (replace eth0 with whatever interface has the default route).
sysctl net.ipv4.ip_forward=1 
ifconfig wlan0 #IP is this because our dns server will service ips from to with 12h lease time
iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE # setup NAT
I assume that everyone has left the past and now everyone uses systemd. Start the two daemons..
systemctl start hostapd.service
systemctl start dnsmasq.service
You should have a working Software Access Point by now! I told you, it wasn't that hard.

(You might want to add "DAEMON_CONF=/etc/hostapd/hostapd.conf" in "/etc/default/hostapd" in Ubuntu)

Well, this post shouldn't entirely be a copy of wiki so what if you want to see what all connects are your clients making in a pretty GUI, use iftop for that. Fireup the program with command $iftop -i wlan0  and you'll have pretty GUI like

If you want to see, what all IPs have been given by your DHCP server, checkout the file /var/lib/misc/dnsmasq.leases.
[root@archlinux shadyabhi]# cat /var/lib/misc/dnsmasq.leases
1353095739 31:32:33:34:0a:48 android-9asdc9de3c88b1d9 *
[root@archlinux shadyabhi]# 
The first column tells when was the lease given.


  1. Can You please help how to do the same in ubuntu ? I got a internal Broadcom wifi card in which the Windows partition uses connectify to share the WPA2 encrypted connection while there is no option to do the same in ubuntu.

  2. It'll be same in Ubuntu. Only differences can be the name of the interface name (should most probably be eth0, check by executing command ifconfig). Install the two packages hostapd and dnsmasq using "sudo apt-get install hostapd dnsmasq". Copy paste the config files as mentioned above. iptables and sysctl commands are consistent across all distributions. To reload the services for changes in config files to take effect, use the usual way of restarting the service in ubuntu. It has been quite a while since I shifted from ubuntu and many things have changed, use one of the working ways to restart the services. . If you are stuck somewhere, I'll be happy to help.

  3. * Starting DNS forwarder and DHCP server dnsmasq
    dnsmasq: bad option at line 3 of /etc/dnsmasq.d/dhcpd

  4. contents of /etc/dnsmasq.d/dhcpd

    sysctl -w net.ipv4.ip_forward=1
    ifconfig wlan0 #IP is this because our dns server will service ips from to with 12h lease time
    iptables -t nat -A POSTROUTING -s -o ppp0 -j MASQUERADE # setup NAT

  5. SORRY I am not able to run dnsmasq service as it couldn't start on Ubuntu,

  6. sysctl -w net.ipv4.ip_forward=1
    ifconfig wlan0
    iptables -t nat -A POSTROUTING -s -o ppp0 -j MASQUERADE

    are the commands to be executed in the terminal. They are not to be put up in the conf file.

  7. I already got that I had put them in script but I am not able to start dnsmasq service since similar service is already started by Network-Manager and it don't the conf file. I tried killing the default service but Network-Manager shuts down bringing down the Internet connection.

    I am trying to use other alternative dhcp3-server but unable to configure it properly.
    Thanks for you help anyway.