Building a Wireless Bridge

The objective is to join the wireless network with the wired network by using a computer with both cards.

We have two PCs, PC Desktop with a network card (eth0) and a wireless network card (wlan0)
The wired local network IP range is: 192.168.0.*
The wireless network IP range is: 10.35.0.*

On the Desktop computer:
eth0 IP:
wlan0 IP:

The wlan0 card is configured with HostAP drivers in mode master

The Notebook only have a wireless network card configured in managed mode (as a simple client)

We want to be able to reach the network 192.168.0.* (wired local network) from the Notebook computer.

A bridge is like a Hub or a Switch it connects two networks with different IP addresses.
The difference is that you can join wireless networks with wired networks and that you can configure easily your firewall rules.
Also a bridge is a transparent device (it has no IP address) so nobody will know it is there.

We need the bridge-utils, you can get it with apt-get on debian or look on your red hat CDs or your favorite rpm internet repository for latest version.

once installed, become root and type:

brctl addbr br0
brctl addif br0 eth0
brctl addif br0 wlan0
ifconfig br0 up

brctl addbr br0
This adds the bridge interface named br0

brctl addif br0 eth0
The wired network interface eth0 is added to the bridge br0

brctl addif br0 wlan0
The wireless network interface is added also to the bridge br0

ifconfig br0 up
This activate the bridge. The bridge has no IP, so the same could be: ifconfig br0 up

Now on the Notebook computer just set wireless card in mode Managed and set the IP to 192.168.0.*
ifconfig wlan0
Now you can ping other machines on the wired local network with a wireless computer.
The Desktop PC IP addresses wired and wireless will become useless, I mean you can not ping to them nor ssh or telnet. Thats because eth0 and wlan0 are now part of the bridge.

You want to remove the bridge? It's easy
ifconfig br0 down
brctl delbr br0


 Fake AP Installation

FakeAP is a funny program in PERL that allows you to simulate as many Wireless Access Points from different vendors with different ESSIDs and channels that you want. It will be more difficult for a Hacker who sees 200 APs on his screen to found the right one.

Download FakeAP

being root:
set environmental variables needed for perl
export LC_ALL="C"
download and install perl modules
perl -MCPAN -e shell
install Time::HiRes
Set the wireless card in Master mode
iwconfig wlan0 mode master
perl --interface wlan0 --sleep 1


 WDS Wireless Distribution System

WDS allows you to interconnect wireless nodes while your AP is in master mode. That means anybody could connect to your AP and meanwhile your AP will be connected with another one. This allows you to extend your network easily with low cost.
Here is a quick reference to enable it:

You have 2 Nodes: pingu and pingu2

On the Node pingu:

iwconfig wlan0 mode master channel 4 essid "pingu"
iwpriv wlan0 wds_add 00:02:6f:06:26:66
brctl addbr br0
brctl addif br0 wlan0wds0
brctl addif br0 wlan0
ifconfig wlan0wds0 up
ifconfig wlan0 up
ifconfig br0 up

Interfaces included in the bridge must have, the bridge have the IP
To check it, both interfaces must be "forwarding"
brctl showstp br0

do the same on Node pingu2, same channel, but different essid

by DrDoom