AP FC8
From M1Research
(→Testing) |
(→configuration) |
||
(7 intermediate revisions not shown) | |||
Line 19: | Line 19: | ||
Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-) | Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-) | ||
Status: D0 PME-Enable- DSel=0 DScale=2 PME- | Status: D0 PME-Enable- DSel=0 DScale=2 PME- | ||
+ | Kernel driver in use: ath_pci | ||
+ | Kernel modules: ath_pci | ||
+ | --skipped-- | ||
+ | [root@dev-1 var]# lspci -vn | ||
+ | --skipped-- | ||
+ | 01:0b.0 0200: 168c:0013 (rev 01) | ||
+ | Subsystem: 1186:3a73 | ||
+ | Flags: bus master, medium devsel, latency 168, IRQ 23 | ||
+ | Memory at ff8f0000 (32-bit, non-prefetchable) [size=64K] | ||
+ | Capabilities: [44] Power Management version 2 | ||
Kernel driver in use: ath_pci | Kernel driver in use: ath_pci | ||
Kernel modules: ath_pci | Kernel modules: ath_pci | ||
Line 106: | Line 116: | ||
=Network services configuration= | =Network services configuration= | ||
==DHCP== | ==DHCP== | ||
- | <code>/etc/dhcpd.conf</code>:<pre>ddns-update-style interim; | + | <code>/etc/dhcpd.conf</code>:<pre>ddns-updates on; |
+ | ddns-update-style interim; | ||
+ | ddns-domainname "home-home"; | ||
+ | ddns-rev-domainname "in-addr.arpa"; | ||
ignore client-updates; | ignore client-updates; | ||
+ | include "/etc/rndc.key"; | ||
- | subnet 192.168.1.0 netmask 255.255.255.0 { | + | subnet 192.168.1.0 netmask 255.255.255.0 |
+ | { | ||
+ | option routers 192.168.1.1; | ||
+ | option subnet-mask 255.255.255.0; | ||
- | + | option nis-domain "home-home"; | |
- | + | option domain-name "home-home"; | |
- | + | option domain-name-servers 192.168.1.1; | |
- | + | option ntp-servers 192.168.1.1; | |
- | + | option netbios-name-servers 192.168.1.1; | |
- | + | ||
- | + | range dynamic-bootp 192.168.1.128 192.168.1.254; | |
- | + | default-lease-time 21600; | |
- | + | max-lease-time 43200; | |
- | + | ||
- | + | ||
- | + | ||
- | + | zone home-home. { | |
- | + | primary 127.0.0.1; | |
- | + | key "rndckey"; | |
+ | } | ||
+ | |||
+ | zone 1.168.192.in-addr.arpa. { | ||
+ | primary 127.0.0.1; | ||
+ | key "rndckey"; | ||
+ | } | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
}</pre> | }</pre> | ||
==DNS== | ==DNS== | ||
<code>/etc/named.conf</code>:<pre>options { | <code>/etc/named.conf</code>:<pre>options { | ||
- | |||
listen-on-v6 port 53 { ::1; }; | listen-on-v6 port 53 { ::1; }; | ||
directory "/var/named"; | directory "/var/named"; | ||
Line 160: | Line 172: | ||
type hint; | type hint; | ||
file "named.ca"; | file "named.ca"; | ||
+ | }; | ||
+ | |||
+ | include "/etc/rndc.key"; | ||
+ | |||
+ | zone "home-home" { | ||
+ | type master; | ||
+ | allow-update { key rndckey; }; | ||
+ | file "slaves/home-home.zone"; | ||
+ | }; | ||
+ | |||
+ | zone "1.168.192.in-addr.arpa" { | ||
+ | type master; | ||
+ | allow-update { key rndckey; }; | ||
+ | file "slaves/1.168.192.in-addr.arpa.zone"; | ||
}; | }; | ||
include "/etc/named.rfc1912.zones";</pre> | include "/etc/named.rfc1912.zones";</pre> | ||
- | == | + | <code>/var/named/chroot/var/named/slaves/home-home.zone</code>:<pre>@ in soa localhost. root 1 3H 15M 1W 1D |
+ | ns localhost. | ||
+ | </pre> | ||
+ | |||
+ | <code>/var/named/chroot/var/named/slaves/1.168.192.in-addr.arpa.zone</code>:<pre>@ in soa localhost. root 1 3H 15M 1W 1D | ||
+ | ns localhost. | ||
+ | </pre> | ||
+ | |||
+ | Change attribute to zone files:<pre>[root@dev-1 slaves]# chown named.named /var/named/chroot/var/named/slaves/* | ||
+ | [root@dev-1 slaves]# chmod 660 /var/named/chroot/var/named/slaves/*</pre> | ||
+ | |||
+ | ==Firewall (iptables)== | ||
<code>/etc/sysconfig/iptables</code>:<pre>*nat | <code>/etc/sysconfig/iptables</code>:<pre>*nat | ||
-A POSTROUTING -o eth0 -j MASQUERADE | -A POSTROUTING -o eth0 -j MASQUERADE | ||
Line 243: | Line 280: | ||
wpa_psk_file=/etc/hostapd/wpa_psk | wpa_psk_file=/etc/hostapd/wpa_psk | ||
wpa_key_mgmt=WPA-PSK | wpa_key_mgmt=WPA-PSK | ||
- | wpa_pairwise=CCMP</ | + | wpa_pairwise=CCMP</pre> |
Please note: <code>ssid=home-home</code> should define the same SSID as you defined during interface configuration, <code>wpa_pairwise=CCMP</code> mean that AES used for key management. | Please note: <code>ssid=home-home</code> should define the same SSID as you defined during interface configuration, <code>wpa_pairwise=CCMP</code> mean that AES used for key management. | ||
Line 303: | Line 340: | ||
</pre> | </pre> | ||
- | Try to connect from another pc throw WiFi to AP <i>home-home</i> with listed above credentials. On success you will see in the logs:<pre>Jul 12 | + | Try to connect from another pc throw WiFi to AP <i>home-home</i> with listed above credentials. On success you will see in the logs:<pre>Jul 12 14:59:41 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 IEEE 802.11: associated |
- | Jul 12 | + | Jul 12 14:59:41 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 WPA: pairwise key handshake completed (WPA) |
- | Jul 12 | + | Jul 12 14:59:42 dev-1 dhcpd: DHCPDISCOVER from 00:19:cb:74:d7:74 via br0 |
+ | Jul 12 14:59:42 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 WPA: group key handshake completed (WPA) | ||
+ | Jul 12 14:59:43 dev-1 dhcpd: DHCPOFFER on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0 | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#53752: updating zone 'home-home/IN': update unsuccessful: bm.home-home: 'name not in use' prerequisite not satisfied (YXDOMAIN) | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: signer "rndckey" approved | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: updating zone 'home-home/IN': deleting rrset at 'bm.home-home' A | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: updating zone 'home-home/IN': adding an RR at 'bm.home-home' A | ||
+ | Jul 12 14:59:43 dev-1 dhcpd: Added new forward map from bm.home-home to 192.168.1.254 | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: signer "rndckey" approved | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: updating zone '1.168.192.in-addr.arpa/IN': deleting rrset at '254.1.168.192.in-addr.arpa' PTR | ||
+ | Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: updating zone '1.168.192.in-addr.arpa/IN': adding an RR at '254.1.168.192.in-addr.arpa' PTR | ||
+ | Jul 12 14:59:43 dev-1 dhcpd: added reverse map from 254.1.168.192.in-addr.arpa to bm.home-home | ||
+ | Jul 12 14:59:43 dev-1 dhcpd: DHCPREQUEST for 192.168.1.254 (192.168.1.1) from 00:19:cb:74:d7:74 (bm) via br0 | ||
+ | Jul 12 14:59:43 dev-1 dhcpd: DHCPACK on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0 | ||
+ | Jul 12 14:59:45 dev-1 named[2838]: unexpected RCODE (15) resolving 'NS.SECONDARY.NET.UA/AAAA/IN': 195.47.253.1#53 | ||
+ | Jul 12 14:59:48 dev-1 dhcpd: DHCPREQUEST for 192.168.1.254 from 00:19:cb:74:d7:74 (bm) via br0 | ||
+ | Jul 12 14:59:48 dev-1 dhcpd: DHCPACK on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0 | ||
+ | </pre> | ||
+ | |||
+ | As seen from this log, <b>hostapd</b> successfully authorize client, DHCP service leased an address and registered in DNS forward and reverse name resolving map. |
Latest revision as of 16:22, 12 July 2008
Contents |
WiFi Hardware
As we are going build WPA protected Access Point it's required authorization daemon supports our hardware. Authorization software based on hostapd. As seen from hostapd's home page it support chipsets/drivers:
- Host AP driver for Prism2/2.5/3
- madwifi (Atheros ar521x)
- Prism54.org (Prism GT/Duette/Indigo)
After some research on our local PC components market we choose D-link DWA-520 that is Atheros chipset based:
[root@dev-1 ~]# lspci -vvv --skipped-- 01:0b.0 Ethernet controller: Atheros Communications, Inc. AR5212/AR5213 Multiprotocol MAC/baseband processor (rev 01) Subsystem: D-Link System Inc Unknown device 3a73 Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV+ VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx- Latency: 168 (2500ns min, 7000ns max), Cache Line Size: 32 bytes Interrupt: pin A routed to IRQ 23 Region 0: Memory at ff8f0000 (32-bit, non-prefetchable) [size=64K] Capabilities: [44] Power Management version 2 Flags: PMEClk- DSI- D1- D2- AuxCurrent=375mA PME(D0-,D1-,D2-,D3hot-,D3cold-) Status: D0 PME-Enable- DSel=0 DScale=2 PME- Kernel driver in use: ath_pci Kernel modules: ath_pci --skipped-- [root@dev-1 var]# lspci -vn --skipped-- 01:0b.0 0200: 168c:0013 (rev 01) Subsystem: 1186:3a73 Flags: bus master, medium devsel, latency 168, IRQ 23 Memory at ff8f0000 (32-bit, non-prefetchable) [size=64K] Capabilities: [44] Power Management version 2 Kernel driver in use: ath_pci Kernel modules: ath_pci --skipped--
and supported by madwifi drivers.
Generic Installation
Generic installation steps:
- install WiFi pci board
- install additional ethernet adapter (we want 2 adapters: 1st WAN, 2nd LOCAL LAN)
- install minimal Fedora Core 8 installation
- update all installed Fedora packeges
- install required packages for building madwifi drivers and hostapd:
- gcc
- openssl-devel
- kernel package development (in my case kernel-devel-2.6.25.9-40.fc8)
- dhcp
- bind, bind-chroot
- bridge-utils
- download to
/usr/local/src
madwifi driver and hostapd source code:-
madwifi-0.9.4.tar.gz
-
hostapd-0.6.3.tar.gz
-
Building/configuring driver
Unpack madwifi-0.9.4.tar.gz
to /usr/local/src
:
[root@dev-1 ~]# cd /usr/local/src [root@dev-1 src]# gzip -cd madwifi-0.9.4.tar.gz | tar xf -Goto source code directory, build and install:
[root@dev-1 src]# cd madwifi-0.9.4 [root@dev-1 madwifi-0.9.4]# make Checking requirements... ok. Checking kernel configuration... ok. make -C /lib/modules/2.6.25.9-40.fc8/build SUBDIRS=/usr/local/src/madwifi-0.9.4 modules make[1]: Entering directory `/usr/src/kernels/2.6.25.9-40.fc8-i686' CC [M] /usr/local/src/madwifi-0.9.4/ath/if_ath.o --skipped-- gcc -o ath_info -g -O2 -Wall ath_info.c make[1]: Leaving directory `/usr/local/src/madwifi-0.9.4/tools' [root@dev-1 madwifi-0.9.4]# make installRemove old
ath5k
driver:[root@dev-1 madwifi-0.9.4]# rm -f -r -d /lib/modules/2.6.25.9-40.fc8/kernel/drivers/net/wireless/ath5k [root@dev-1 madwifi-0.9.4]# depmod -aCheck
/etc/modprobe.conf
contains correct options for new driver and wlan0
associated with ath_pci
driver:alias eth0 e100 alias eth0 eth1 #alias wlan0 ath5k alias wlan0 ath_pci options ath_pci autocreate=ap alias scsi_hostadapter libata alias scsi_hostadapter1 ata_piix
Network configuration
Setup ethernet adaptor eth0
for WAN interface and bridge (eth1 + wlan0) for local network.
/etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0 TYPE=Bridge BOOTPROTO=static IPADDR=192.168.1.1 NETMASK=255.255.255.0 ONBOOT=yes DELAY=0 STP=off
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0 BOOTPROTO=static BROADCAST=10.1.255.255 IPADDR=10.1.5.190 NETMASK=255.255.0.0 NETWORK=10.1.0.0 ONBOOT=yes
/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1 TYPE=ETHER BRIDGE=br0 ONBOOT=yes
/etc/sysconfig/network-scripts/ifcfg-wlan0
DEVICE=wlan0 BRIDGE=br0 ONBOOT=yes MODE=master ESSID="home-home"
Please note that our AP network ESSID we setted to home-home.
Network services configuration
DHCP
/etc/dhcpd.conf
:ddns-updates on; ddns-update-style interim; ddns-domainname "home-home"; ddns-rev-domainname "in-addr.arpa"; ignore client-updates; include "/etc/rndc.key"; subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.1; option subnet-mask 255.255.255.0; option nis-domain "home-home"; option domain-name "home-home"; option domain-name-servers 192.168.1.1; option ntp-servers 192.168.1.1; option netbios-name-servers 192.168.1.1; range dynamic-bootp 192.168.1.128 192.168.1.254; default-lease-time 21600; max-lease-time 43200; zone home-home. { primary 127.0.0.1; key "rndckey"; } zone 1.168.192.in-addr.arpa. { primary 127.0.0.1; key "rndckey"; } }
DNS
/etc/named.conf
:options { listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/rndc.key"; zone "home-home" { type master; allow-update { key rndckey; }; file "slaves/home-home.zone"; }; zone "1.168.192.in-addr.arpa" { type master; allow-update { key rndckey; }; file "slaves/1.168.192.in-addr.arpa.zone"; }; include "/etc/named.rfc1912.zones";
/var/named/chroot/var/named/slaves/home-home.zone
:@ in soa localhost. root 1 3H 15M 1W 1D ns localhost.
/var/named/chroot/var/named/slaves/1.168.192.in-addr.arpa.zone
:@ in soa localhost. root 1 3H 15M 1W 1D ns localhost.Change attribute to zone files:
[root@dev-1 slaves]# chown named.named /var/named/chroot/var/named/slaves/* [root@dev-1 slaves]# chmod 660 /var/named/chroot/var/named/slaves/*
Firewall (iptables)
/etc/sysconfig/iptables
:*nat -A POSTROUTING -o eth0 -j MASQUERADE -A POSTROUTING -o ppp0 -j MASQUERADE COMMIT *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A FORWARD -i br0 -j ACCEPT -A INPUT -i br0 -j ACCEPT -A INPUT -i eth1 -j ACCEPT -A INPUT -i wlan0 -j ACCEPT -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
/etc/sysctl.conf
:--skipped-- # Controls IP packet forwarding net.ipv4.ip_forward = 1 --skipped--
hostapd
building
Unpack source code to/usr/local/src
direcory and goto direcotry:[root@dev-1 src]# gzip -cd hostapd-0.6.3.tar.gz | tar xf - [root@dev-1 src]# cd hostapd-0.6.3 [root@dev-1 hostapd-0.6.3]# cd hostapd [root@dev-1 hostapd]#Copy build config template file to appropriate name:
[root@dev-1 hostapd]# cp defconfig .configModify config file
.config
in such way (this is diff file):--- defconfig 2008-02-23 04:45:24.000000000 +0200 +++ .config 2008-07-12 12:55:53.000000000 +0300 @@ -9,6 +9,9 @@ # be modified from here. In most cass, these lines should use += in order not # to override previous values of the variables. +CONFIG_DRIVER_MADWIFI=y +CFLAGS += -I/usr/local/src/madwifi-0.9.4 + # Driver interface for Host AP driver CONFIG_DRIVER_HOSTAP=y</code> Make and install:<pre>[root@dev-1 hostapd]# make [root@dev-1 hostapd]# make install
configuration
Create directory /etc/hostapd
/etc/hostapd/hostapd.conf
:interface=wlan0 bridge=br0 driver=madwifi logger_syslog=-1 logger_syslog_level=2 logger_stdout=-1 logger_stdout_level=2 debug=0 dump_file=/tmp/hostapd.dump ctrl_interface=/var/run/hostapd ctrl_interface_group=0 ssid=home-home auth_algs=3 eapol_key_index_workaround=0 eap_server=0 wpa=3 wpa_psk_file=/etc/hostapd/wpa_psk wpa_key_mgmt=WPA-PSK wpa_pairwise=CCMP
Please note: ssid=home-home
should define the same SSID as you defined during interface configuration, wpa_pairwise=CCMP
mean that AES used for key management.
/etc/hostapd/wpa_psk
:00:00:00:00:00:00 PRIVETPRIVETPRIVETPRIVETPRIVETPRIVETPRIVETPRIVETPRIVETPRIVET!!!
where:
00:00:00:00:00:00
mean that any MAC address acceptedPRIVETPRIVET...
is passphrase.
hostapd.wpa_psk
says:# List of WPA PSKs. Each line, except for empty lines and lines starting # with #, must contain a MAC address and PSK separated with a space. # Special MAC address 00:00:00:00:00:00 can be used to configure PSKs that # anyone can use. PSK can be configured as an ASCII passphrase of 8..63 # characters or as a 256-bit hex PSK (64 hex digits). 00:00:00:00:00:00 secret passphrase 00:11:22:33:44:55 another passphrase 00:22:33:44:55:66 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 00:00:00:00:00:00 another passphrase for all STAsSet correct permissions to key file
/etc/hostapd/wpa_psk
:[root@dev-1 hostapd]# chmod 600 /etc/wpa_pskModify
/etc/rc.d/rc.local
to enable hostapd daemon startup:--skipped-- # run hostap daemon /usr/local/bin/hostapd -B /etc/hostapd/hostapd.conf --skipped--
Testing
Now you may reboot pc.
After system starts login and check:
- WiFi driver loaded correctly:
Jul 12 13:18:05 dev-1 kernel: ath_hal: module license 'Proprietary' taints kernel. Jul 12 13:18:05 dev-1 kernel: ath_hal: 0.9.18.0 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413) Jul 12 13:18:05 dev-1 kernel: wlan: 0.9.4 Jul 12 13:18:05 dev-1 kernel: ath_pci: 0.9.4 Jul 12 13:18:05 dev-1 kernel: ath_rate_sample: 1.2 (0.9.4) Jul 12 13:18:05 dev-1 kernel: wifi0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps Jul 12 13:18:05 dev-1 kernel: wifi0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54 Jul 12 13:18:05 dev-1 kernel: wifi0: turboG rates: 6Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps Jul 12 13:18:05 dev-1 kernel: wifi0: H/W encryption support: WEP AES AES_CCM TKIP Jul 12 13:18:05 dev-1 kernel: wifi0: mac 7.9 phy 4.5 radio 5.6 Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 1 for WME_AC_BE traffic Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 0 for WME_AC_BK traffic Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 2 for WME_AC_VI traffic Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 3 for WME_AC_VO traffic Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 8 for CAB traffic Jul 12 13:18:05 dev-1 kernel: wifi0: Use hw queue 9 for beacons Jul 12 13:18:05 dev-1 kernel: wifi0: Atheros 5212: mem=0xff8f0000, irq=23
- hostapd started:
[root@dev-1 ~]# ps -ax | grep host Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ 1913 ? Ss 0:00 /usr/local/bin/hostapd -B /etc/hostapd/hostapd.conf 2252 pts/1 R+ 0:00 grep host [root@dev-1 ~]#Try to connect from another pc throw WiFi to AP home-home with listed above credentials. On success you will see in the logs:
Jul 12 14:59:41 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 IEEE 802.11: associated Jul 12 14:59:41 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 WPA: pairwise key handshake completed (WPA) Jul 12 14:59:42 dev-1 dhcpd: DHCPDISCOVER from 00:19:cb:74:d7:74 via br0 Jul 12 14:59:42 dev-1 hostapd: wlan0: STA 00:19:cb:74:d7:74 WPA: group key handshake completed (WPA) Jul 12 14:59:43 dev-1 dhcpd: DHCPOFFER on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0 Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#53752: updating zone 'home-home/IN': update unsuccessful: bm.home-home: 'name not in use' prerequisite not satisfied (YXDOMAIN) Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: signer "rndckey" approved Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: updating zone 'home-home/IN': deleting rrset at 'bm.home-home' A Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#45106: updating zone 'home-home/IN': adding an RR at 'bm.home-home' A Jul 12 14:59:43 dev-1 dhcpd: Added new forward map from bm.home-home to 192.168.1.254 Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: signer "rndckey" approved Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: updating zone '1.168.192.in-addr.arpa/IN': deleting rrset at '254.1.168.192.in-addr.arpa' PTR Jul 12 14:59:43 dev-1 named[2838]: client 127.0.0.1#46822: updating zone '1.168.192.in-addr.arpa/IN': adding an RR at '254.1.168.192.in-addr.arpa' PTR Jul 12 14:59:43 dev-1 dhcpd: added reverse map from 254.1.168.192.in-addr.arpa to bm.home-home Jul 12 14:59:43 dev-1 dhcpd: DHCPREQUEST for 192.168.1.254 (192.168.1.1) from 00:19:cb:74:d7:74 (bm) via br0 Jul 12 14:59:43 dev-1 dhcpd: DHCPACK on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0 Jul 12 14:59:45 dev-1 named[2838]: unexpected RCODE (15) resolving 'NS.SECONDARY.NET.UA/AAAA/IN': 195.47.253.1#53 Jul 12 14:59:48 dev-1 dhcpd: DHCPREQUEST for 192.168.1.254 from 00:19:cb:74:d7:74 (bm) via br0 Jul 12 14:59:48 dev-1 dhcpd: DHCPACK on 192.168.1.254 to 00:19:cb:74:d7:74 (bm) via br0
As seen from this log, hostapd successfully authorize client, DHCP service leased an address and registered in DNS forward and reverse name resolving map.