oblique
AP is created, wifi connects, but no internet
As the title says. The purpose is creating an AP which shares internet from eth0. ip addr shows all UP. I can't connect to the AP ( an IP is allocated) but I get a "!" sign next to the wifi icon. If I change to bridge mode, it seems to work, but I somehow get lags in the program I'm using (Runeaudio), so it is not acceptable. I used to have a configuration a time ago which did work, but now trying to duplicate it fails.
thanks
Some users had the same problem because their ISP had special rules to disallow them to had an extra router behind ISP's modem. Check #151 for more info. Try the following after you run create_ap:
iptables -w -t mangle -I PREROUTING -i ap0 -j TTL --ttl-inc 1
iptables -w -t mangle -I PREROUTING -i eth0 -j TTL --ttl-inc 1
If you use --no-virt replace ap0 with wlan0. Please reply even if it works, so I will know.
Hi, It doesn't help. Dont know if it is related, but I have to kill wpa-supplicant before I start create_ap, or I get the message that hostapd cannot start because a program is interfering.
I have an image of my operating system which runs fine with create_ap. I just want to update it and re-install the ap, but for some reason internet sharing is broken.
Hi, I have the same problem, I have tested in a Oneplus one and in a xiaomi redmi 3s and I have the same problems, create the AP, I can connect, assign the ip dynamically, but do not have access to the internet, I have also tried from the PC version and there if it works correctly, it only fails me in Nethunter. I have tried the two rules and no effect has arisen.
i use this command: create_ap -m nat wlan1 wlan0 MyNet
Copy and paste the list of rules (iptables --list) to see if it is possible to have a solution:
root@kali:~# iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination bw_INPUT all -- anywhere anywhere fw_INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT) target prot opt source destination oem_fwd all -- anywhere anywhere fw_FORWARD all -- anywhere anywhere bw_FORWARD all -- anywhere anywhere natctrl_FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT) target prot opt source destination DROP udp -- anywhere anywhere udp dpt:1900 /* Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN / DROP udp -- anywhere anywhere udp dpt:1900 / Drop SSDP on WWAN */ oem_out all -- anywhere anywhere fw_OUTPUT all -- anywhere anywhere st_OUTPUT all -- anywhere anywhere bw_OUTPUT all -- anywhere anywhere
Chain bw_FORWARD (1 references) target prot opt source destination
Chain bw_INPUT (1 references) target prot opt source destination all -- anywhere anywhere UNKNOWN match `quota2' bw_restrict_app_INPUT all -- anywhere anywhere all -- anywhere anywhere owner socket exists
Chain bw_OUTPUT (1 references) target prot opt source destination all -- anywhere anywhere UNKNOWN match `quota2' bw_restrict_app_OUTPUT all -- anywhere anywhere all -- anywhere anywhere owner socket exists
Chain bw_costly_shared (0 references) target prot opt source destination bw_penalty_box all -- anywhere anywhere
Chain bw_data_saver (1 references) target prot opt source destination RETURN all -- anywhere anywhere
Chain bw_happy_box (1 references) target prot opt source destination RETURN all -- anywhere anywhere owner UID match 10009 RETURN all -- anywhere anywhere owner UID match 10078 RETURN all -- anywhere anywhere owner UID match 0-9999 bw_data_saver all -- anywhere anywhere
Chain bw_penalty_box (1 references) target prot opt source destination bw_happy_box all -- anywhere anywhere
Chain bw_restrict_app_INPUT (1 references) target prot opt source destination RETURN all -- anywhere anywhere
Chain bw_restrict_app_OUTPUT (1 references) target prot opt source destination RETURN all -- anywhere anywhere
Chain fw_FORWARD (1 references) target prot opt source destination
Chain fw_INPUT (1 references) target prot opt source destination fw_standby all -- anywhere anywhere
Chain fw_OUTPUT (1 references) target prot opt source destination fw_standby all -- anywhere anywhere
Chain fw_dozable (0 references) target prot opt source destination RETURN all -- anywhere anywhere RETURN tcp -- anywhere anywhere tcp flags:RST/RST RETURN all -- anywhere anywhere owner UID match 0-9999 RETURN all -- anywhere anywhere owner UID match 1001 RETURN all -- anywhere anywhere owner UID match 1027 RETURN all -- anywhere anywhere owner UID match 10003 RETURN all -- anywhere anywhere owner UID match 10009 RETURN all -- anywhere anywhere owner UID match 10034 RETURN all -- anywhere anywhere owner UID match 10078 RETURN all -- anywhere anywhere owner UID match 10081 DROP all -- anywhere anywhere
Chain fw_powersave (0 references) target prot opt source destination RETURN all -- anywhere anywhere RETURN tcp -- anywhere anywhere tcp flags:RST/RST RETURN all -- anywhere anywhere owner UID match 0-9999 DROP all -- anywhere anywhere
Chain fw_standby (2 references) target prot opt source destination RETURN all -- anywhere anywhere RETURN tcp -- anywhere anywhere tcp flags:RST/RST DROP all -- anywhere anywhere owner UID match 10074 DROP all -- anywhere anywhere owner UID match 10049 DROP all -- anywhere anywhere owner UID match 10036
Chain natctrl_FORWARD (1 references) target prot opt source destination DROP all -- anywhere anywhere
Chain natctrl_tether_counters (0 references) target prot opt source destination
Chain oem_fwd (1 references) target prot opt source destination
Chain oem_out (1 references) target prot opt source destination
Chain st_OUTPUT (1 references) target prot opt source destination
Chain st_clear_caught (2 references) target prot opt source destination
Chain st_clear_detect (0 references) target prot opt source destination REJECT all -- anywhere anywhere connmark match 0x2000000/0x2000000 reject-with icmp-port-unreachable RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000 CONNMARK tcp -- anywhere anywhere u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0xffff0000=0x16030000&&0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x4&0xff0000=0x10000" CONNMARK or 0x1000000 CONNMARK udp -- anywhere anywhere u32 "0x0>>0x16&0x3c@0x8&0xffff0000=0x16fe0000&&0x0>>0x16&0x3c@0x14&0xff0000=0x10000" CONNMARK or 0x1000000 RETURN all -- anywhere anywhere connmark match 0x1000000/0x1000000 st_clear_caught tcp -- anywhere anywhere state ESTABLISHED u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0x0=0x0" st_clear_caught udp -- anywhere anywhere
Chain st_penalty_log (0 references) target prot opt source destination CONNMARK all -- anywhere anywhere CONNMARK or 0x1000000 NFLOG all -- anywhere anywhere
Chain st_penalty_reject (0 references) target prot opt source destination CONNMARK all -- anywhere anywhere CONNMARK or 0x2000000 NFLOG all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable root@kali:~#
Hello, also i try cleaning iptables rules: iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -t raw -F iptables -t raw -X iptables -t security -F iptables -t security -X
The same result, no access internet....
hey,i jsut fixxed mine bye edit this: [(https://superuser.com/questions/1061849/connected-to-hostapd-hotspot-but-no-internet) ] hope this help :)
@mlatifr I'm having the same issue, did you use the answer with 1 vote or the one with 0
@Zanark hi zanark.. im using with 1 vote: " edit /etc/sysctl.conf to include this line, then reboot:
net.ipv4.ip_forward=1"
In default, #net.ipv4.ip_forward=1.. then i remove that " # " Sorry if that doesnt work. But Hope this can fix yours.. thankyou for asking 😊🙏🏻
@mlatifr yep, I tried both but none work. I had docker installed and the bridge it created was causing issues. I uninstalled docker for now cuz I won't be needing it anytime soon.
Will look for a solution where I can run docker without any NAT issues.