• View
• Edit
• History
• Print

Host Access Point

In this guide, we configure our system to act as a Host Access Point (also known as a WiFi hotspot) for other devices to connect to.

First, check to ensure that the device driver for your wireless card can support Host AP mode. For example, the athn(4) driver's man page indicates it supports Host AP mode.

# cat /etc/hostname.if0
mediaopt hostap
nwid mynwid wpakey mywpapasswd
inet 192.168.30.1 255.255.255.0

Replace if0 with your actual device. For media option, we pass in hostap. Replace mynwid with your desired network ID, and mywpapasswd with your desired password. We are going to assign all clients reserved IPs from the subnet 192.168.30.0/24.

Make sure to restart networking for that device:

# sh /etc/netstart if0

Next, we enable routing:

# sysctl net.inet.ip.forwarding=1
# echo "net.inet.ip.forwarding=1" >> /etc/sysctl.conf
# sysctl net.inet6.ip6.forwarding=1
# echo "net.inet6.ip6.forwarding=1" >> /etc/sysctl.conf

Next, we configure dhcpd:

# cat /etc/dhcpd.conf                                             
option domain-name "example.com";

subnet 192.168.30.1 netmask 255.255.255.0 {
        option routers 192.168.30.1;
        option domain-name-servers 192.168.30.1;
        range 192.168.30.2 192.168.30.254;
}
# rcctl enable dhcpd
# rcctl set dhcpd flags if0
# rcctl start dhcpd

You will need to either configure a caching nameserver on the host that listens to address 192.168.30.1, or choose a free public DNS service.

Finally, because we are using network address translation, we need to add a rule to packet filter:

match out on egress from !(egress:network) to any nat-to (egress:0)

Then reload the ruleset:

# pfctl -f /etc/pf.conf

Troubleshooting

If networking does not work immediately, try a reboot to ensure that all networking changes were properly applied.