Using iMX8 as Access Point for basic internet sharing and control

Setup:
Colibri iMX8QXP 2GB WB IT V1.0D
Iris carrier board V1.1B
Linux BSP 2.8.7

Followed this article (How to Setup Wi-Fi Access Point Mode (Linux)) to setup WiFi Access Point and be able to allocate IP addresses to clients then also be able to share the Internet via eth0. Hostapd is doing most of the AP setup and systemd is the networking side with some iptables rules from the link, I also had to add a bridge between uap0 and eth0 to pass internet to wifi clients.
My questions:

  1. I need better control over the DHCP allocation to the WiFi clients, maybe restricting access to 1 client at a time or just allowing only 10 in the address pool.
  2. Some DNS blocking would be great to stop apple updates, android updates, window updates etc etc, so wildcard would be great.

For question 1 I have tried modifying hostapd.network, uap0.network, bridged.network with [DHCPServer] parameters and they dont seem to have any effect on the DHCP allocation.
For question 2 I have tried modifying hostapd.network using Domains=~apple.com for example and again seems to have no effect.
I know you can also put DNS blocks into “hosts” but I wanted to avoid this as you cant use wildcards and the list would be extensive.

Connmanctl is being used and not NetworkManager. I also searched using opkg for dhcp and dnsmasq which dont exist.

Anyone have any ideas, I feel like I am close but missing something like an iptables entry for port 53 or something else is taking over the DHCP and DNS.

Thanks.

For specifying a DHCP address pool and blocking domains, dnsmasq could serve this purpose better. Linux BSP v2.8 on Colibri iMX8X is not supported anymore. Linux BSP 5.x is the successor. The dnsmasq could be installed to LInux BSP 5.x by a customized image from Yocto Project.

Basically in every search I did online dnsmasq came up as the solution but for BSP 2.8 I dont have that option.
I should have mentioned at this stage we dont have the time to upgrade and compile kernels but if there is no solution for BSP 2.8 then we may have no choice.

Hi @robple11 , what is your Coliri iMX8X hardware version?

Sorry, I miss it. It is Colibri iMX8QXP 2GB WB IT V1.0D. If I remember correctly, colibri imx8 is not supported in our Linux BSP v2.8.

Yeah sorry was getting confused with the Colibri T30/T20 that we program, the iMX8 I haven’t changed the linux kernel.
When I do cat /etc/issue:
TDX Wayland with XWayland 4.0.0-devel-20200618+build.121

When I do uname -a:
Linux colibri-imx8x 4.14.170-4.0.0-devel+git.6ce96b6f20b7 #1 SMP PREEMPT Tue Jun 16 03:27:01 UTC 2020 aarch64 aarch64 aarch64 GNU/Linux

Can dnsmasq be installed then without a kernel compile?
How easy is it to upgrade to the latest? Does dnsmasq come with any kernel versions or am I stuck compiling and integrating dnsmasq myself?

dnsmasq can be crossed compiled against Linux BSP 4. It is not bound to a specific kernel version. But you may need the SDK built by Yocto Project. It really depends, for example, a reconfigured kernel, additional kernel modules, and even your application like Qt version. If Colibri im8x only works as an AP with basic access control, it will be easy to upgrade to Linux BSP5.x.

Does Linux BSP 5.x have the dnsmasq already installed in the kernel?

The dnsmasq is not installed by default in our Linux BSP. Here is a customized one I built. You could have a try with it.

What is the procedure to install the new kernel on the module?
I have only had experience with the Colibri T20/T30 using microSD and accessing the Debug port to access U-Boot and perform “run setupdate” etc

you need to unzip the above image tarball to an SD card or USB flash. Then bring Colibri imx8x into recovery mode and load Toradex Easy Installer to it. Insert the SD card or USB flash into the carrier board. You will see the Toradex Easy Installer on the monitor or VNC remote desktop. Finally choose the image to install.

Sorry been on holidays and some other projects took priority, I was able to install your image and dnsmasq works fine but it really needs dhcpd to work properly. Is this a module that can be added without a kernel compile?

Please find dhcp related ipk packages for bsp 5.x as below, and use “opkg install” command on colibri imx8x to install what you need.

https://share.toradex.com/g3ykxih08eoviwg