On Sunday, August 02, 2015 11:12:07 PM Mick wrote: > On Sunday 02 Aug 2015 22:04:41 Fernando Rodriguez wrote: > > On Sunday, August 02, 2015 1:29:50 PM Mick wrote: > > > On Sunday 02 Aug 2015 01:50:21 Fernando Rodriguez wrote: > > > > Hello, > > > > > > > > After installing hostapd I can successfully connect to the AP, I can > > > > get DHCP from it, but I cannot access the network through it (neither > > > > lan or internet). > > > > > > This sounds like a (network) routing problem, rather than a hostapd > > > issue. > > > > It looks like that, but if I stop iptables completely on the router all > > unicast traffic still works in the lan (both wired and through an external > > AP), so if I connect to the hostapd AP with iptables off, shouldn't I at > > the very least be able to ping the wireless interface on the router? > > > > I also tried with only the following rule which enables internet access to > > all wired workstations and through external AP: > > > > iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE > > You should probably specify the local subnet, so that multicast packets are > not sent out to the Internet, e.g.: > > iptables -t nat -A POSTROUTING -o enp0s8 -s 192.168.1.0/24 ! -d 192.168.1.0/24 > -j MASQUERADE > > (Change 192.168.1.0/24 to suit your LAN subnet)
I'm not actually using that rule except as a minimal setup for troubleshooting this issue. My actual rules do specify the subnet. > Also have you enabled ip forwarding in your kernel: > > sysctl -w net.ipv4.ip_forward=1 Yes, it is an existing router that works perfectly except for the hostapd AP. My current setup is as follows: Internet -> Gentoo Router -> Switch -> AP Where AP is a wifi router with routing features disabled. Never had problems with it. Now I installed hostapd on "Gentoo Router" and everything else still works fine except when I connect to the hostapd AP. Even with only that minimal iptable rule or no rules at all. Thanks, -- Fernando Rodriguez
