Arch

Notas sobre uso y convivencia con Arch Linux.

Simultaneous Wi-Fi AP and Managed Client Configuration

This guide details the setup for a single physical Wi-Fi interface (wlan0) to simultaneously connect to an existing network (managed mode) and broadcast an Access Point (AP mode) using NetworkManager. It includes specific routing configurations to bypass default drop policies introduced by container engines like Docker.

1. Prerequisites

Hardware Support

Verify hardware support for concurrent modes (iw list -> valid interface combinations). Here is an example:

 valid interface combinations:

                * #{ managed } <= 2, #{ AP, mesh point, P2P-client, P2P-GO } <= 2, #{ P2P-device } <= 1,

                  total <= 4, #channels <= 1

                * #{ managed } <= 2, #{ P2P-client } <= 2, #{ AP, mesh point, P2P-GO } <= 1, #{ P2P-device } <= 1,

                  total <= 4, #channels <= 2

                * #{ managed } <= 1, #{ IBSS } <= 1,

                  total <= 2, #channels <= 1 

Inspect this line:

#{ managed } <= 2, #{ P2P-client } <= 2, #{ AP, mesh point, P2P-GO } <= 1, #{ P2P-device } <= 1, total <= 4, #channels <= 2

It means the Wi-Fi card can handle up to two client connections (managed) and one Access Point (AP) at the same time. The #channels <= 2 bit indicates that the AP and the client connection do need to be on the same frequency channel, which gives better performance than using only one channel.

System Dependencies

Install the necessary utilities and dependencies for NetworkManager's shared routing on the AP computer:

sudo pacman -S iw dnsmasq iptables-nft

2. Persistent Virtual Interface Setup

Create a systemd service to generate the virtual AP interface (wlan0_ap) on boot, before NetworkManager initializes.

Create /etc/systemd/system/wlan-ap-interface.service:

[Unit]
Description=Create virtual wireless interface for AP
Requires=sys-subsystem-net-devices-wlan0.device
After=sys-subsystem-net-devices-wlan0.device
Before=NetworkManager.service

[Service]
Type=oneshot
ExecStart=/usr/bin/iw dev wlan0 interface add wlan0_ap type managed
ExecStop=/usr/bin/iw dev wlan0_ap del
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Enable and start the service:

sudo systemctl enable --now wlan-ap-interface.service

Bring the interface up manually for the initial session:

sudo ip link set wlan0_ap up

3. NetworkManager AP Profile Configuration

Generate the connection profile using nmcli to ensure proper UUID generation and syntax.

# Create the base profile mapped to the virtual interface
nmcli connection add type wifi ifname wlan0_ap con-name Hotspot autoconnect no ssid ARCHER_AP

# Configure as an AP with shared IPv4 routing
nmcli connection modify Hotspot 802-11-wireless.mode ap 802-11-wireless.band bg ipv4.method shared

# Set security parameters
nmcli connection modify Hotspot wifi-sec.key-mgmt wpa-psk wifi-sec.psk "asdf1234"

# Use a randomized MAC to avoid conflicts with the physical interface
nmcli connection modify Hotspot 802-11-wireless.cloned-mac-address random

# Start the Access Point
nmcli connection up Hotspot

4. Routing and Firewall Configuration

If using Docker, the default FORWARD policy is altered to DROP, which prevents the AP's traffic from routing through the managed interface to the internet.

Enable IPv4 forwarding:

echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/99-ipforward.conf
sudo sysctl -p /etc/sysctl.d/99-ipforward.conf

Create a static, minimal iptables ruleset that permits forwarding between the two wireless interfaces. This must be loaded before Docker's dynamic rules.

Write to /etc/iptables/iptables.rules:

*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i wlan0 -o wlan0_ap -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0_ap -o wlan0 -j ACCEPT
COMMIT

Enable the restore service to persist across reboots:

sudo systemctl enable --now iptables.service

5. Client Configuration (Raspberry Pi)

To connect a client (like a Raspberry Pi running NetworkManager) to the new Access Point, use the nmcli command.

# Connect to the AP and automatically generate a profile named "ARCHER_AP":
sudo nmcli device wifi connect "ARCHER_AP" password "asdf1234" name "ARCHER_AP"

---

Troubleshooting

• Client Connects but Lacks Internet Access: Verify the FORWARD chain policies (sudo iptables -S | grep FORWARD). Docker sets -P FORWARD DROP. Do not use a raw iptables-save dump if Docker is running, as it will hardcode ephemeral container IP/port mappings and duplicate the Docker chains on boot. Use the minimal static /etc/iptables/iptables.rules defined in Step 4.

• NetworkManager Ignores Manual .nmconnection Files: NetworkManager will silently ignore manually written configuration files in /etc/NetworkManager/system-connections/ if they contain syntax errors, trailing spaces, or lack a generated UUID. Always use nmcli to generate profiles, or debug manual files using sudo nmcli connection load <file>.

Sonido y Equalización

Endeavour OS viene con pipewire y KDE.

Si bien existe una manera de aplicar configuraciones al sistema entero (https://wiki.archlinux.org/title/PipeWire#Systemwide_parametric_equalization) es más fácil usar EasyEffects: https://wiki.archlinux.org/title/PipeWire#EasyEffects

EasyEffects tiene varias dependencias que habiltan plugins: https://github.com/wwmm/easyeffects

Para instalarlo con las dependencias del ecualizador y el bass boost alcanza con esto:

sudo pacman -S easyeffects lsp-plugins calf # Instala EasyEffects con ecualizador y bass enhancer

Virtualización

Virtualización con QEMU, libvirt, y virt-manager.

Buena guia acá: https://www.delinuxco.com/2020/09/25/install-and-set-up-virtual-machine-manager-virt-manager-on-arch/

Si en virt-manager aparece un error de "permisos" al agregar un volumen nuevo, y falla al intentar arreglarlos, hay que cerrarlo y, por unica vez, iniciarlo de nuevo con sudo virt-manager y reintentar el paso de "arreglar permisos". Después se puede reiniciar sin sudo, para usarlo normalmente.

Notas antiguas sobre VMs en Linux:

• Virtual Machines y Emulación

D-Bus errors

I recently reinstalled Arch because KDE Plasma suddenly failed to launch, after trying to install steam. Running startx left me with a black screen and the mouse cursor, and no further.

After reisntalling I was also unable to get it to launch again, even though it was a fresh install. The first clue was that NetworkManager was not launching, because D-Bus had failed, with errors similar to these:

dbus-broker-launch[1821]: ERROR launcher_connect @ ../dbus-broker-36/src/launch/launcher.c +1253: No such file or directory
dbus-broker-launch[1821]:       launcher_run @ ../dbus-broker-36/src/launch/launcher.c +1424
dbus-broker-launch[1821]:       run @ ../dbus-broker-36/src/launch/main.c +152
dbus-broker[1825]: Dispatched 4 messages @ 9(±3)μs / message.
dbus-broker-launch[1821]:       main @ ../dbus-broker-36/src/launch/main.c +178
dbus-broker-launch[1821]: Exiting due to fatal error: -2

I got tired after 3 fresh installs, and switched to EndeavourOS. What a sweet moment, everything worked out of the box.

Whatever was wrong with D-Bus, I wish to never find out. :P