This is a detailed recipe for a wifi repeater setup, using two off-the-shelf router/NAT/AP boxes.
- 1 laptop running linux -- the client
- 1 piece of Cat-5 ethernet cable
- 2 private-addressing /24 IP ranges: 10.19.72/24 and 10.19.73/24. 10.19.72 will be used for the Netgear-WRT link, 10.19.73 for the internal hosts, and both will be kept private, NATted from the internet.
Read this Hackaday article, which describes how to get the OpenWRT box running in 'sta' client mode.
Plug the ethernet into the WRT and the laptop. On the laptop, run:
sudo ifconfig eth0 10.19.72.3 sudo ifconfig eth0 down sudo route add -net default gw 10.19.72.3
All traffic is now set to use ethernet instead of wifi. Log into the WRT and issue the following:
nvram show > /tmp/full.dump nvram set lan_ifname=vlan0 nvram unset lan_ifnames nvram set lan_proto=static nvram set lan_ipaddr=10.19.72.1 nvram set wifi_ifname=eth1 nvram set wifi_proto=dhcp nvram set wl0_ifname=eth1 nvram set wl0_mode=sta nvram set wl0_infra=1 nvram set wl0_ssid="[the SSID string]" nvram unset wl_mode nvram unset wl_infra nvram unset wl_ssid ifdown lan ; ifup lan ifdown wifi ; ifup wifi
Save that "/tmp/full.dump" somewhere safe, off the WRT! e.g. on the laptop, do:
scp [email protected]:/tmp/full.dump full.dump
Anyway, back to the WRT. Note: those settings haven't been committed to NVRAM yet, so don't reboot. This command will then successfully list your APs in range:
wl scan ; sleep 1 ; wl scanresults
Now, I'm supposed to be able to do this:
wl join "[the SSID string]" ifdown lan ; ifup lan ifdown wifi ; ifup wifi udhcpc -i eth1 ping 22.214.171.124
But OpenWRT's doco is slightly awry there; it doesn't yet work. In my experience, I had to just satisfy myself that the LAN interface was working reliably, save a few local copies of brick-recovery HOWTO documents, cross my fingers, and commit the changes to NVRAM:
nvram commit; reboot
Anyway, after that reboot, "ping 126.96.36.199" from the WRT does indeed work, so the WRT is now connected to both the LAN and the neighbour's wifi! Now to get bridging working.
Setting up the repeater router
So, next step is to get the repeater router working. First off, plug the laptop on my laptop, switch from DHCP-assigned-address wifi to the ethernet (this is the same as the first step in the WRT set above):
sudo ifconfig eth0 10.19.72.3 sudo ifconfig ath0 down sudo route add -net default gw 10.19.72.3
Turn on the Netgear POS router, turn off proxies in firefox, and log into the admin interface via whatever IP address/user/password it's set up to use. Go to the "settings / LAN IP Setup" page, and set:
- LAN IP address: 10.19.73.1
- DHCP range: 10.19.73.3 to 10.19.73.127
Apply, and reset the laptop's IP to use that network.
sudo ifconfig eth0 10.19.73.3 up sudo ifconfig ath0 down sudo route add -net default gw 10.19.73.3
Re-login at http://10.19.73.1/ . Now, go to "settings / Setup / Basic Settings":
- Use static IP: 10.19.72.2
- gateway IP address: 10.19.72.1
Apply. "settings / Wireless", select an SSID string and a channel that differ from the WRT-to-neighbour SSID and channel:
- SSID: MySSIDString
- Channel: 11
Apply. Next, on the laptop:
sudo ifconfig eth0 down sudo vi /etc/network/interfaces
Add these two lines:
iface ath0 inet dhcp wireless-essid MySSIDString
And bring up the wifi:
sudo ifup ath0; sudo dhclient ath0
Unplug the ethernet cable, and plug it from an ethernet port on the WRT to an ethernet port on the Netgear.
You should now be able to:
ping 10.19.73.1 ping 10.19.72.1 ssh [email protected]
in other words, you can now ssh from the laptop via wifi, via the Netgear, to the WRT. You can also ping 188.8.131.52 on the WRT, but cannot yet do that from the Netgear or the laptop. Next step is to set up NAT. On laptop:
scp [email protected]:/etc/init.d/S45firewall S45firewall cp S45firewall S45firewall.wifi
Since we're basically using the wifi interface as the internet-facing interface, the changes required are easy; edit 'S45firewall.wifi' and replace "wan_" with "wifi_". Then, copy it back:
scp S45firewall.wifi [email protected]:/etc/setupmasq ssh [email protected] rm /etc/init.d/S45firewall reboot
When the machine comes back up, log in again and run that script:
ssh [email protected] /etc/setupmasq
Check the laptop; everything should now work; HTTP, ping 184.108.40.206, the works. If you're brave, set up that masq script as '/etc/init.d/S45firewall'; otherwise just remember to re-run it if you accidentally unplug the WRT.
Given all that, you've now constructed a wifi repeater out of left-over bits of off-the-shelf commodity hardware and open-source software!