Open Tepepaz opened 2 years ago
I just forked your repo and forced the interface from eth0 to enp0s10 in the run.sh file. But it didn't help.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Starting...
Set nmcli managed no
Network interface set to wlp0s21f0u2
Deleting iptables
MASQUERADE all opt -- in * out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp0s10 out wlp0s21f0u2 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlp0s21f0u2 out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
Configuring iptables for NAT
MASQUERADE all opt -- in * out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp0s10 out wlp0s21f0u2 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlp0s21f0u2 out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
Setup hostapd ...
Setup interface ...
Resseting interfaces
ifdown: interface wlp0s21f0u2 not configured
Setup udhcpd ...
Starting DHCP server...
udhcpd: started, v1.33.1
udhcpd: can't open '/var/lib/udhcpd/udhcpd.leases': No such file or directory
Starting HostAP daemon ...
Interface stats:
wlp0s21f0u2 Link encap:Ethernet HWaddr 1C:BF:CE:F4:B3:84
inet addr:192.168.2.1 Bcast:192.168.2.254 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:62383 errors:0 dropped:0 overruns:0 frame:0
TX packets:48432 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11180220 (10.6 MiB) TX bytes:7793493 (7.4 MiB)
Configuration file: /hostapd.conf
Using interface wlp0s21f0u2 with hwaddr 1c:bf:ce:f4:b3:84 and ssid "hassio"
wlp0s21f0u2: interface state UNINITIALIZED->ENABLED
wlp0s21f0u2: AP-ENABLED
Hi @Tepepaz, thanks for reporting that. From what I recall, the IP table rules only make sure you get packets in and out to the internet, but I don't think you can reach one network from another, unless you configure some gateway. Can you at least reach the internet from the hotspot created? I remember connecting my phone to it, and being able to access/not access the internet once toggled.
Sorry for not being precise, and for not recalling the exact behavior of the iptable rules. If you figure out a solution/improvement in this aspect, I would be glad to integrate.
Hi @joaofl, Thank you for your reply.
I have actually never been able to access the internet from the AP. I can only access the Home Assistant UI, but that's pretty much it.
I am working on an option to configure the external ethernet port name, so that may help in situations like yours.
I will give it another set of tests before the next release, to ensure the internet toggle still works. If it does, I would assume the problem is platform specific, and in that case I would appreciate your help on debugging it and fixing it for your scenario.
It would be about loading some different iptable rules, to figure out what does the trick. I am far from being a knowledgeable iptables user, but I can try to help.
I'll be glad to help if needed. Thank you for looking into this.
Released it yesterday, but with another name. Please give it a shot.
Still can't access internet
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Starting...
Set nmcli managed no
Network interface set to wlp0s21f0u2
Deleting iptables
MASQUERADE all opt -- in * out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp0s10 out wlp0s21f0u2 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlp0s21f0u2 out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
Configuring iptables for NAT
MASQUERADE all opt -- in * out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp0s10 out wlp0s21f0u2 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlp0s21f0u2 out enp0s10 0.0.0.0/0 -> 0.0.0.0/0
Setup hostapd ...
Setup interface ...
Resseting interfaces
ifdown: interface wlp0s21f0u2 not configured
Setup udhcpd ...
Starting DHCP server...
udhcpd: started, v1.33.1
udhcpd: can't open '/var/lib/udhcpd/udhcpd.leases': No such file or directory
Starting HostAP daemon ...
Interface stats:
wlp0s21f0u2 Link encap:Ethernet HWaddr 1C:BF:CE:F4:B3:84
inet addr:192.168.2.1 Bcast:192.168.2.254 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:40763 errors:0 dropped:0 overruns:0 frame:0
TX packets:41151 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13784070 (13.1 MiB) TX bytes:8491132 (8.0 MiB)
Configuration file: /hostapd.conf
rfkill: Cannot open RFKILL control device
Using interface wlp0s21f0u2 with hwaddr 1c:bf:ce:f4:b3:84 and ssid "hassio"
wlp0s21f0u2: interface state UNINITIALIZED->ENABLED
wlp0s21f0u2: AP-ENABLED
wlp0s21f0u2: STA 98:cd:ac:1e:ee:22 IEEE 802.11: authenticated
wlp0s21f0u2: STA 98:cd:ac:1e:ee:22 IEEE 802.11: associated (aid 1)
wlp0s21f0u2: AP-STA-CONNECTED 98:cd:ac:1e:ee:22
wlp0s21f0u2: STA 98:cd:ac:1e:ee:22 RADIUS: starting accounting session 4309A25A0CAEB86E
wlp0s21f0u2: STA 98:cd:ac:1e:ee:22 WPA: pairwise key handshake completed (RSN)
wlp0s21f0u2: STA c4:5b:be:57:ee:47 IEEE 802.11: authenticated
wlp0s21f0u2: STA c4:5b:be:57:ee:47 IEEE 802.11: associated (aid 2)
wlp0s21f0u2: AP-STA-CONNECTED c4:5b:be:57:ee:47
wlp0s21f0u2: STA c4:5b:be:57:ee:47 RADIUS: starting accounting session B663CADADE4AF331
wlp0s21f0u2: STA c4:5b:be:57:ee:47 WPA: pairwise key handshake completed (RSN)
wlp0s21f0u2: STA 4c:02:20:64:ba:63 IEEE 802.11: authenticated
wlp0s21f0u2: STA 4c:02:20:64:ba:63 IEEE 802.11: associated (aid 3)
wlp0s21f0u2: AP-STA-CONNECTED 4c:02:20:64:ba:63
wlp0s21f0u2: STA 4c:02:20:64:ba:63 RADIUS: starting accounting session C63BD77649F706F2
wlp0s21f0u2: STA 4c:02:20:64:ba:63 WPA: pairwise key handshake completed (RSN)
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: sending OFFER to 192.168.2.145
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: sending OFFER to 192.168.2.145
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: bad packet, malformed option field
udhcpd: sending OFFER to 192.168.2.145
udhcpd: sending ACK to 192.168.2.145
192.168.1.145 was assigned by DHCP to my smartphone and I could not access the internet.
Besides those malformed option field errors, I noticed two more issues, but I don't know if they are related and do actually affect the AP functions:
ifdown: interface wlp0s21f0u2 not configured
and
rfkill: Cannot open RFKILL control device
but this last one looks related to DHCP
ifdown: interface wlp0s21f0u2 not configured
rfkill: Cannot open RFKILL control device
This is fine. Those commands are mostly to ensure the network card is not up beforehand.
I really can't tell what the malformed error means... But I would still bet that it does not have to do with the iptables.
Can you try to comment out the iptables code, and see if the dhcp issue continues? Is there a chance there is already an instance of iptables on your system? Otherwise, I would need to reproduce this issue here somehow in order to debug it.
Regarding the DHCP, in the end, it did ACK, so maybe it was just a temporary glitch.
This is so far everything I get on iptables. Besides the default system rules, I don't think there is anything extra.
@Tepepaz, thanks for sharing that. Indeed, it looks alright to me. I will have to dive deeper into it. One thing to look into would be to alter rules there that can potentially allow the forwarding. I also believe that a gateway will be necessary from inside the addon container, to the outside network. It may have to do with some extra level of security/isolation from the OS side. I'll try to check it asap (not having much time lately, unfortunately).
@joaofl Don't worry and thank you so much for your efforts.
I use a TP-Link TL-WN823N; it was fixed for me with:
interface: wlp1s0u1u3
internet_interface: wlan0
allow_internet: true
I have the same error: everything works but no internet access.
Any news on this issue? I just tried this add-on and have the same issue. Very straightforward setup, using a raspberry pi Ethernet (eth0) connection for the upstream connection and its wireless interface (wlan0) for the access point. Devices connect to the AP just fine, receive an IP just fine, but routing out to the upstream connection doesn't seem to work.
Home Assistant is kind of a locked down distribution, so it's not obvious to me how to try and debug things without a real console.
Doing some sleuthing, it looks like this fork solves the issue: https://github.com/LuisAlbertoFP/hassio-addons/blob/master/hassio-hotspot/run.sh
Sorry I could not debug this further, but I believed at some point that was a DNS issue actually. If you find a solution that fits you, I would gladly merge.
Hi, I'm also struggling with problems between LAN and WLAN. I can connect to my hotspot, but my devices (Macbook and Google Pixel 8) are reporting to have no internet connection. I did some tests from inside the docker container, which surprisingly went without problems. Here is my log from the container:
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
Starting...
Set nmcli managed no
/run.sh: line 75: nmcli: command not found
Network interface set to wlan1
Deleting iptables
MASQUERADE all opt -- in * out end0 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in end0 out wlan1 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlan1 out end0 0.0.0.0/0 -> 0.0.0.0/0
Configuring iptables for NAT
MASQUERADE all opt -- in * out end0 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in end0 out wlan1 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlan1 out end0 0.0.0.0/0 -> 0.0.0.0/0
Setup hostapd ...
Setup interface ...
Resseting interfaces
ifdown: interface wlan1 not configured
Setup udhcpd ...
Starting DHCP server...
udhcpd: started, v1.36.1
udhcpd: can't open '/var/lib/udhcpd/udhcpd.leases': No such file or directory
Starting HostAP daemon ...
Interface stats:
wlan1 Link encap:Ethernet HWaddr 50:91:E3:26:B2:1F
inet addr:192.168.2.1 Bcast:192.168.2.254 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:58 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan1: interface state UNINITIALIZED->ENABLED
wlan1: AP-ENABLED
wlan1: STA c6:f8:39:24:bf:8d IEEE 802.11: associated
wlan1: AP-STA-CONNECTED c6:f8:39:24:bf:8d
wlan1: STA c6:f8:39:24:bf:8d RADIUS: starting accounting session 18484ED60268E190
wlan1: STA c6:f8:39:24:bf:8d WPA: pairwise key handshake completed (RSN)
wlan1: EAPOL-4WAY-HS-COMPLETED c6:f8:39:24:bf:8d
udhcpd: sending OFFER to 192.168.2.133
udhcpd: sending OFFER to 192.168.2.133
udhcpd: sending ACK to 192.168.2.133
This is my console output from inside the container:
# docker exec -it addon_891ed7ea_hassio-hotspot bash
891ed7ea-hassio-hotspot:/# ping google.com
PING google.com (142.250.181.206): 56 data bytes
64 bytes from 142.250.181.206: seq=0 ttl=117 time=19.362 ms
64 bytes from 142.250.181.206: seq=1 ttl=117 time=12.901 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 12.901/16.131/19.362 ms
891ed7ea-hassio-hotspot:/# dig google.com
; <<>> DiG 9.18.19 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58753
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 8124908220f9e86a (echoed)
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 142 IN A 142.250.181.206
;; Query time: 0 msec
;; SERVER: 172.30.32.3#53(172.30.32.3) (UDP)
;; WHEN: Tue Nov 14 13:23:44 CET 2023
;; MSG SIZE rcvd: 77
891ed7ea-hassio-hotspot:/# traceroute google.com
traceroute to google.com (142.250.181.206), 30 hops max, 46 byte packets
1 192-168-178-1.fritz.box (192.168.178.1) 1.415 ms 1.570 ms 1.204 ms
2 ***.***.kabel-deutschland.de (***.***.***.***) 10.701 ms 11.771 ms 10.700 ms
3 83-169-180-214-isp.superkabel.de (83.169.180.214) 10.768 ms 9.835 ms 10.386 ms
4 ip5886c005.static.kabel-deutschland.de (88.134.192.5) 12.776 ms 11.270 ms 10.634 ms
5 145.254.3.196 (145.254.3.196) 10.843 ms 11.448 ms 9.703 ms
6 * 145.254.2.215 (145.254.2.215) 16.701 ms 13.461 ms
7 72.14.195.12 (72.14.195.12) 16.776 ms 72.14.194.138 (72.14.194.138) 12.555 ms *
8 72.14.194.138 (72.14.194.138) 14.161 ms 72.14.195.12 (72.14.195.12) 14.426 ms 108.170.253.33 (108.170.253.33) 13.858 ms
9 108.170.253.33 (108.170.253.33) 19.677 ms 14.478 ms 108.170.253.49 (108.170.253.49) 16.554 ms
10 209.85.240.161 (209.85.240.161) 13.064 ms 18.326 ms ham02s21-in-f14.1e100.net (142.250.181.206) 16.320 ms
891ed7ea-hassio-hotspot:/# ping 192.168.178.15
PING 192.168.178.15 (192.168.178.15): 56 data bytes
64 bytes from 192.168.178.15: seq=0 ttl=64 time=0.189 ms
64 bytes from 192.168.178.15: seq=1 ttl=64 time=0.280 ms
^C
--- 192.168.178.15 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.189/0.234/0.280 ms
891ed7ea-hassio-hotspot:/# ping 192.168.178.5
PING 192.168.178.5 (192.168.178.5): 56 data bytes
64 bytes from 192.168.178.5: seq=0 ttl=64 time=1.816 ms
64 bytes from 192.168.178.5: seq=1 ttl=64 time=0.487 ms
^C
--- 192.168.178.5 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.487/1.151/1.816 ms
Screenshot from my Pixel:
I have noticed that access to my overlying network is possible (the last two ping tests), which in my opinion should be optionally deactivatable, best case scenario, deactivatable per device, while still allowing internet connections... this is especially needed for cheap china devices.
Please let me know, if you need more details or tests in case you are motivated to look into it ✌️
Thanks for the info @dariusaurius. I want to look into that, but never find the time to catch up. Nevertheless, if you want to experiment around, I can try to assist on that. I think that it might be easier to use a network bridge rather than iptable rules. This should be a common requirement for docker containers, to bridge inner networks to outer ones.
The problem should be in the init script, around here:
```bash
# Configure iptables to enable/disable internet
RULE_3="POSTROUTING -o ${INTERNET_IF} -j MASQUERADE"
RULE_4="FORWARD -i ${INTERNET_IF} -o ${INTERFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT"
RULE_5="FORWARD -i ${INTERFACE} -o ${INTERNET_IF} -j ACCEPT"

echo "Deleting iptables"
iptables -v -t nat -D $(echo ${RULE_3})
iptables -v -D $(echo ${RULE_4})
iptables -v -D $(echo ${RULE_5})

if test ${ALLOW_INTERNET} = true; then
    echo "Configuring iptables for NAT"
    iptables -v -t nat -A $(echo ${RULE_3})
    iptables -v -A $(echo ${RULE_4})
    iptables -v -A $(echo ${RULE_5})
fi
```
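The per-device isolation requested earlier in this thread (internet access without reach into the upstream LAN) comes down to rule order in the FORWARD chain: the DROP has to be appended before the broad ACCEPT that the init script installs. The following is an added example, not the add-on's own code; interface names and the 192.168.178.0/24 subnet come from the log in this thread, while the resolver address 192.168.178.1 and the helper names `emit_rule` and `hotspot_rules` are assumptions.

```shell
#!/bin/sh
# Added example (not the add-on's run.sh). Emits the FORWARD/NAT rules in the
# order they must be appended; set APPLY=1 to run them instead of printing.

# emit_rule: print one iptables command, or execute it when APPLY=1.
emit_rule() {
    if [ "${APPLY:-0}" = "1" ]; then
        iptables "$@"
    else
        echo "iptables $*"
    fi
}

# hotspot_rules INTERFACE INTERNET_IF LAN_CIDR DNS_IP [MAC ...]
#   With no MACs, every hotspot client is kept out of LAN_CIDR.
#   With MACs, only those clients are (per-device isolation).
#   DNS_IP may be "" when clients use a resolver outside LAN_CIDR.
hotspot_rules() {
    ap_if=$1; inet_if=$2; lan=$3; dns=$4
    shift 4

    # 1. Exception first: let clients reach the one LAN resolver, if any.
    if [ -n "$dns" ]; then
        for proto in udp tcp; do
            emit_rule -A FORWARD -i "$ap_if" -o "$inet_if" -d "$dns" \
                -p "$proto" --dport 53 -j ACCEPT
        done
    fi

    # 2. Isolation: drop hotspot -> upstream LAN before any broad ACCEPT.
    if [ $# -eq 0 ]; then
        emit_rule -A FORWARD -i "$ap_if" -o "$inet_if" -d "$lan" -j DROP
    else
        for mac in "$@"; do
            emit_rule -A FORWARD -i "$ap_if" -o "$inet_if" -d "$lan" \
                -m mac --mac-source "$mac" -j DROP
        done
    fi

    # 3. The init script's existing rules (RULE_4, RULE_5, RULE_3).
    emit_rule -A FORWARD -i "$inet_if" -o "$ap_if" \
        -m state --state RELATED,ESTABLISHED -j ACCEPT
    emit_rule -A FORWARD -i "$ap_if" -o "$inet_if" -j ACCEPT
    emit_rule -t nat -A POSTROUTING -o "$inet_if" -j MASQUERADE
}

# Values from the log in this thread; the DNS address is an assumption.
hotspot_rules wlan1 end0 192.168.178.0/24 192.168.178.1
```

Traffic to the hotspot host itself (such as the Home Assistant UI) passes through INPUT rather than FORWARD, so these rules leave it reachable.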
Now that I finally managed to make it work with internal wlan0: on RP4, network bridge is not working.
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
Starting...
Set nmcli managed no
/run.sh: line 75: nmcli: command not found
Network interface set to wlan0:
Deleting iptables
MASQUERADE all opt -- in * out enp1s0u1u3 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp1s0u1u3 out wlan0: 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlan0: out enp1s0u1u3 0.0.0.0/0 -> 0.0.0.0/0
Configuring iptables for NAT
MASQUERADE all opt -- in * out enp1s0u1u3 0.0.0.0/0 -> 0.0.0.0/0
ACCEPT all opt -- in enp1s0u1u3 out wlan0: 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all opt -- in wlan0: out enp1s0u1u3 0.0.0.0/0 -> 0.0.0.0/0
Setup hostapd ...
Setup interface ...
Resseting interfaces
ifdown: interface wlan0: not configured
ip: ioctl 0x8914 failed: Address not available
Setup udhcpd ...
Starting DHCP server...
udhcpd: started, v1.36.1
udhcpd: can't open '/var/lib/udhcpd/udhcpd.leases': No such file or directory
Starting HostAP daemon ...
Interface stats:
wlan0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether dc:a6:32:83:23:e5 txqueuelen 1000 (Ethernet)
RX packets 59199 bytes 3954220 (3.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 39946 bytes 2566729 (2.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0:: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.90.1 netmask 255.255.255.0 broadcast 192.168.90.254
ether dc:a6:32:83:23:e5 txqueuelen 1000 (Ethernet)
wlp1s0u1u4: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 00:25:9c:9e:c4:b1 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
rfkill: Cannot get wiphy information
wlan0:: interface state UNINITIALIZED->ENABLED
wlan0:: AP-ENABLED
It actually seems to be related to a dns issue. I am working on another solution using https://github.com/garywill/linux-router
I just published an initial version of the "hotspot" using the linux-router tool I mentioned. Toggling the internet on/off works for me just fine.
Please have a try: https://github.com/joaofl/hassio-addons/tree/master/linux-router
Feedback is welcome.
Hi there,
I'm running Hassio on a MiniPC with an external USB WiFi dongle. Your addon has been so far the only one working for me and I managed to run the AP. However, when I select the "allow internet" option it does bring up the bridge but in the end, it doesn't work and I can't even ping the two networks from each other.
I think it happens because it tries to use eth0 as the ethernet interface, but actually, mine is enp0s10. Is there a way I can change it?
Any input on how to solve the issue would be very appreciated.