Ok so this is something I keep having to re-setup every time I do something to my laptop that requires wiping the disk beforehand. So instead of figuring this out every time why not document it here and also share some information with whoever might also want to do the same?

Since I run Gentoo I’ll be using portage to emerge the necessary packages but this guide will work for any distro, so you’ll just have to use your own package manager (whatever that might be).



Your kernel must be able to support wireless extensions.


Another thing you will need is support for the various cryptographic routines used in wireless ciphers (and any other cipher that you might want to support as well).

Make sure AES, SHA, and whatever else you want are supported by your kernel. I prefer to build these in but you can modularize them as long as you make sure that these get loaded automatically or when you need them.


emerge -v net-dns/dnsmasq net-misc/dhcp net-wireless/hostapd

Once these packages are emerged you’ll need to configure at least dhcp and hostapd config files. These are located at:

/etc/dhcp/dhcpd.conf and /etc/hostapd/hostapd.conf respectively.

Sample dhcpd.conf:

default-lease-time 600;
max-lease-time 7200;
option routers;
option domain-name-servers,;

subnet netmask {
pool {
max-lease-time 600;
option routers;
option domain-name-servers,;
allow unknown-clients;

This sets up the default gateway and primary and secondary DNS servers to and gives a dhcpd server IP range from to


Sample hostapd.conf










Creates a wireless accesspoint using the now standard nl80211 drivers with an SSID of yourssid in wireless mode 80211G with channel set to auto. Note that for ME when I set a channel of anything besides 1 I got cryptic errors that were so useless that the author of hostapd should probably be questioned for being a sadist. I seriously had so many problems with creating this config due to shitty error messages I had to document this so I wouldn’t have to do that again. Another fun note is that when testing my config I used a wpa password of “test” which when trying to run caused the same useless error message. As it turns out the reason it failed was due to the wpa password being too short. It never tells you this of course unless you build this package with the debug flag on. Anyway at this point you should have a working wireless access point.

Enable dnsmasq and dhcpd services as well as hostapd. You will also have to enable iptables to forward packets to and from your interfaces if you are sharing wireless from a wired connection. Below is my iptables script:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o wlan0 -m state –state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

echo Done…

WPA for all!