Wifi not bridging

Hi,

I have read here some topics and it seems to be always a problem to get hostapd on blue0 working.
However Configuring the blue,dhcp… on the webfrontend was ok to get a device connected but it does not get internet access.
So I hope it’s just a bridging issue ?

configuration looks like this

ll /lib/firmware/iwlwifi-316*
-rw-r--r-- 1 root root  609892 Aug 10  2019 /lib/firmware/iwlwifi-3160-10.ucode
-rw-r--r-- 1 root root  683996 Aug 10  2019 /lib/firmware/iwlwifi-3160-12.ucode
-rw-r--r-- 1 root root  688616 Aug 10  2019 /lib/firmware/iwlwifi-3160-13.ucode
-rw-r--r-- 1 root root  918212 Aug 10  2019 /lib/firmware/iwlwifi-3160-16.ucode
-rw-r--r-- 1 root root  918268 Dec 14 09:28 /lib/firmware/iwlwifi-3160-17.ucode
-rw-r--r-- 1 root root  670484 Aug 10  2019 /lib/firmware/iwlwifi-3160-7.ucode
-rw-r--r-- 1 root root  667284 Aug 10  2019 /lib/firmware/iwlwifi-3160-8.ucode
-rw-r--r-- 1 root root  669872 Aug 10  2019 /lib/firmware/iwlwifi-3160-9.ucode

lspci -k | grep -A 3 -i "network"
01:00.0 Network controller: Intel Corporation Wireless 3160 (rev 83)
 Subsystem: Intel Corporation Dual Band Wireless-AC 3160
 Kernel driver in use: iwlwifi
 Kernel modules: iwlwifi

cat /var/ipfire/wlanap/settings
DRIVER=NL80211
CHANNEL=6
HW_MODE=g
COUNTRY=DE
TXPOWER=auto
ENC=wpa2
MACMODE=0
DEBUG=4
IEEE80211W=on
NOSCAN=off
CLIENTISOLATION=off
HTCAPS=
SYSLOGLEVEL=2
HIDESSID=off
SSID=free_beer
PWD=secret
VHTCAPS=
INTERFACE=blue0
APMODE=on

cat /var/ipfire/wlanap/settings
DRIVER=NL80211
CHANNEL=6
HW_MODE=g
COUNTRY=DE
TXPOWER=auto
ENC=wpa2
MACMODE=0
DEBUG=4
IEEE80211W=on
NOSCAN=off
CLIENTISOLATION=off
HTCAPS=
SYSLOGLEVEL=2
HIDESSID=off
SSID=free_beer
PWD=secret
VHTCAPS=
INTERFACE=blue0
APMODE=on

are really both configs needed ?
anything else I could check ?

Thanks for any hint

What are you trying to bridge with what?

actually I just hoped ipfire would handle the blue net as the green. As in forwarding/transparent proxying.

if you want to combine blue and green into one logical network,
https://wiki.ipfire.org/configuration/network/bridge-green-blue

I deleted this page, because this can be done on the web UI.

I guess you have to decide what you want.

GREEN and BLUE are different network zones. There is no way to “bridge” them together - that means layer 2 bridge.

When you say forwarding, do you want to route between the two zones?

all clients in blue should be able to access the internet (through red)

if I could implement proper routing additionally between blue and green in both directions it would be great.

the wiki page is still there. Where in the gui would I set the routing up ?

if you want that, this is not called bridging and works out of the box.

Did you see “Access to Blue” and grant access for your test client?

you mean main screen -> Firewall -> Blue Access ?

after your Post I did add it manually to the devices List. And than the device could access the internet(red network). Unfortunatly only one time success but basically it works.
From green I could not access the device and the device could not access green (ping)

Is it always so that devices need manual permission ?
The wifi is of course exposed but I would like to to have there some devices which should be accessible from green and vice versa (at least through tunneling) . Is there some wiki page which explains that ?

You will need a firewall rule for that:

https://wiki.ipfire.org/configuration/firewall/default-policy

You can simply whitelist the whole blue network (and leave the MAC address field empty) to allow access to everyone.

And what tunnel?

ok I will look at and try some rules /whitelisting to ease life in blue

The need for the tunnel is as some devices in blue might need remote administration via web or ssh.

That’s not called tunnelling. That simply is how a network works.