Home arrow BrainDump arrow Page 4 - Building a Linux Wireless Access Point

4.2 Bridging Wireless to Wired - BrainDump

Over the past few years, wireless networking has made everyone's lives easier, thanks to being able to connect to the Internet just about anywhere. If you run a Linux shop and want to go wireless, this five-part series will show you how to set up a wireless access point. It is excerpted from chapter four of the Linux Networking Cookbook, written by Carla Schroder (O'Reilly; ISBN: 0596102488. Copyright © 2008 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

  1. Building a Linux Wireless Access Point
  2. Security
  3. 4.1 Building a Linux Wireless Access Point
  4. 4.2 Bridging Wireless to Wired
By: O'Reilly Media
Rating: starstarstarstarstar / 2
February 02, 2010

print this article




How do you integrate your wired and wireless clients so that they share an Internet connection and LAN services all in one big happy subnet? You know that when you have multiple Ethernet interfaces on the same box they cannot all be on the same subnet, but must all have addresses from separate subnets. You want everyone all in a single subnet, and donít want a lot of administration headaches, so how will you do this?


Your routerboard needs at least three network interfaces: your Atheros interface, plus two Ethernet interfaces. ath0 is your wireless interface, eth0 is the LAN interface, and eth1 is your WAN interface.

What we will do is build an Ethernet bridge between ath0 and eth0. Copy this example /etc/network/interfaces, substituting your own LAN addresses and your own ESSID. Remember to run /sbin/rw first to make the Pyramid filesystem writable:

  pyramid:~# /sbin/rw
  pyramid:~# nano /etc/network/interfaces

  ## wireless bridge configuration
  auto lo
  iface lo inet loopback

  auto br0
iface br0 inet static
         bridge_ports ath0 eth0
          post-down wlanconfig ath0 destroy
          pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap
          pre-up iwconfig ath0 essid "alrac-net" channel 01 rate auto
          pre-up ifconfig ath0 up
          pre-up sleep 3

You can test this now by networking with some LAN hosts that have static IP addresses. First restart networking on the router:

  pyramid:~# /etc/init.d/networking restart

This creates a wide-open wireless access point. Point your clients to as the default gateway, and you should be able to easily join any wireless clients to your LAN, and ping both wired and wireless PCs. When youíre finished, remember to return the filesystem to read-only:

  pyramid:~# /sbin/ro


This recipe is totally insecure, but it lets you test your bridge and wireless connectivity before adding more services.

Letís review the options used in this configuration:


Define the two interfaces to bridge.

post-down wlanconfig ath0 destroy

This command tears down the access point when the network interfaces go down. wlanconfig is part of MadWiFi-ng. Use it to create, destroy, and manage access points. With wlanconfig, you can have multiple access points on a single device.

pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap

wifi0 is the name the kernel gives to your Atheros interface, which you can see with dmesg. Next, wlanconfig creates the virtual access point, ath0, on top of wifi0.

pre-up iwconfig ath0 essid "alrac-net" channel 01 rate auto

Assign the ESSID, channel, and bit-rate. To see the channels, frequencies, and bit-rates supported by your interface card, use this command:

  pyramid:~# wlanconfig ath0 list chan

How do you know which channel to use? If you have only one access point, channel 1 should work fine. If you have up to three, try using channels 1, 6, and 11. For more complex networks, please refer to Matthew Gastís excellent book, 802.11 Wireless Networks: The Definitive Guide (OíReilly):

pre-up ifconfig ath0 up
   Bring up ath0 before the bridge comes up.

pre-up sleep 3
   Brief pause to make sure that everything comes up 
   in order.

You donít have to build the bridge in the traditional way, by configuring eth0 with a zero-IP address, or bringing it up before the bridge is built, because scripts in /etc/ network/if-pre-up.d handle that for you.

Iím sure some of you are wondering about ebtables. ebtables is like iptables for Ethernet bridges. iptables cannot filter bridge traffic, but ebtables can. There are many ingenious ways to use ebtables and Ethernet bridges in your network. In this chapter, Iím leaving ebtables out on purpose because we will be running an iptables Internet firewall on our access point. ebtables is not suitable for an Internet firewall, and trying to use both on the same box is too complicated for this old admin.

See Also
  • Pyramid Linux does not include manpages, so you should either install the applications in this chapter on a PC, or rely on Google
  • wlanconfig is part of MadWiFi-ng
  • man 8 brctl for bridge options
  • iwconfig is part of the wireless-tools package
  • man 8 iwconfig
  • Pyramid Linux: http://pyramid.metrix.net/
  • Recipe 3.2
  • 802.11 Wireless Networks: The Definitive Guide, by Matthew Gast (OíReilly)

Please check back for the next part of this series.

>>> More BrainDump Articles          >>> More By O'Reilly Media

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Apple Founder Steve Jobs Dies
- Steve Jobs` Era at Apple Ends
- Google's Chrome Developer Tool Updated
- Google's Chrome 6 Browser Brings Speed to th...
- New Open Source Update Fedora 13 is Released...
- Install Linux with Knoppix
- iPad Developers Flock To SDK 3.2
- Managing a Linux Wireless Access Point
- Maintaining a Linux Wireless Access Point
- Securing a Linux Wireless Access Point
- Configuring a Linux Wireless Access Point
- Building a Linux Wireless Access Point
- Migrating Oracle to PostgreSQL with Enterpri...
- Demystifying SELinux on Kernel 2.6
- Yahoo and Microsoft Create Ad Partnership

Developer Shed Affiliates


Dev Shed Tutorial Topics: