1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
--- i/hostapd/hostapd.conf
+++ w/hostapd/hostapd.conf
@@ -142,9 +142,9 @@
# configuration. The socket file will be named based on the interface name, so
# multiple hostapd processes/interfaces can be run at the same time if more
# than one interface is used.
-# /var/run/hostapd is the recommended directory for sockets and by default,
+# /run/hostapd-mana is the recommended directory for sockets and by default,
# hostapd_cli will use it when trying to connect with hostapd.
-ctrl_interface=/var/run/hostapd
+ctrl_interface=/run/hostapd-mana
# Access control for the control interface can be configured by setting the
# directory to allow only members of a group to use sockets. This way, it is
@@ -330,8 +330,8 @@
# Accept/deny lists are read from separate files (containing list of
# MAC addresses, one per line). Use absolute path name to make sure that the
# files can be read on SIGHUP configuration reloads.
-#accept_mac_file=/etc/hostapd.accept
-#deny_mac_file=/etc/hostapd.deny
+#accept_mac_file=/etc/hostapd/hostapd.accept
+#deny_mac_file=/etc/hostapd/hostapd.deny
# IEEE 802.11 specifies two authentication algorithms. hostapd can be
# configured to allow both of these or only one. Open system authentication
@@ -845,20 +845,20 @@
# Path for EAP server user database
# If SQLite support is included, this can be set to "sqlite:/path/to/sqlite.db"
# to use SQLite database instead of a text file.
-#eap_user_file=/etc/hostapd.eap_user
+#eap_user_file=/etc/hostapd/hostapd.eap_user
# CA certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
-#ca_cert=/etc/hostapd.ca.pem
+#ca_cert=/etc/hostapd/hostapd.ca.pem
# Server certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
-#server_cert=/etc/hostapd.server.pem
+#server_cert=/etc/hostapd/hostapd.server.pem
# Private key matching with the server certificate for EAP-TLS/PEAP/TTLS
# This may point to the same file as server_cert if both certificate and key
# are included in a single file. PKCS#12 (PFX) file (.p12/.pfx) can also be
# used by commenting out server_cert and specifying the PFX file as the
# private_key.
-#private_key=/etc/hostapd.server.prv
+#private_key=/etc/hostapd/hostapd.server.prv
# Passphrase for private key
#private_key_passwd=secret passphrase
@@ -892,9 +892,9 @@
# periodically to get an update from the OCSP responder:
# openssl ocsp \
# -no_nonce \
-# -CAfile /etc/hostapd.ca.pem \
-# -issuer /etc/hostapd.ca.pem \
-# -cert /etc/hostapd.server.pem \
+# -CAfile /etc/hostapd/hostapd.ca.pem \
+# -issuer /etc/hostapd/hostapd.ca.pem \
+# -cert /etc/hostapd/hostapd.server.pem \
# -url http://ocsp.example.com:8888/ \
# -respout /tmp/ocsp-cache.der
#ocsp_stapling_response=/tmp/ocsp-cache.der
@@ -913,8 +913,8 @@
# is in DSA parameters format, it will be automatically converted into DH
# params. This parameter is required if anonymous EAP-FAST is used.
# You can generate DH parameters file with OpenSSL, e.g.,
-# "openssl dhparam -out /etc/hostapd.dh.pem 2048"
-#dh_file=/etc/hostapd.dh.pem
+# "openssl dhparam -out /etc/hostapd/hostapd.dh.pem 2048"
+#dh_file=/etc/hostapd/hostapd.dh.pem
# OpenSSL cipher string
#
@@ -1109,7 +1109,7 @@
# white space (space or tab).
# If no entries are provided by this file, the station is statically mapped
# to <bss-iface>.<vlan-id> interfaces.
-#vlan_file=/etc/hostapd.vlan
+#vlan_file=/etc/hostapd/hostapd.vlan
# Interface where 802.1q tagged packets should appear when a RADIUS server is
# used to determine which VLAN a station is on. hostapd creates a bridge for
@@ -1191,7 +1191,7 @@
# File name of the RADIUS clients configuration for the RADIUS server. If this
# commented out, RADIUS server is disabled.
-#radius_server_clients=/etc/hostapd.radius_clients
+#radius_server_clients=/etc/hostapd/hostapd.radius_clients
# The UDP port number for the RADIUS authentication server
#radius_server_auth_port=1812
@@ -1233,7 +1233,7 @@
# of (PSK,MAC address) pairs. This allows more than one PSK to be configured.
# Use absolute path name to make sure that the files can be read on SIGHUP
# configuration reloads.
-#wpa_psk_file=/etc/hostapd.wpa_psk
+#wpa_psk_file=/etc/hostapd/hostapd.wpa_psk
# Optionally, WPA passphrase can be received from RADIUS authentication server
# This requires macaddr_acl to be set to 2 (RADIUS)
|