This is barely an implementation of a WiFi 802.11 Access Point, using Scapy.
It can run virtually with mac80211_hwsim or on real, actual radio interfaces in monitor mode sending physical signals.
It has also been used with socat to relay wifi frames over tcp sockets.
On Linux, this code lets you spin up a python access point. It supports stations connecting with WPA2 & CCMP encryption.
This code just barely gets the job done -- it should NOT be used as a reference for writing production code. It has NO protocol security, as it is not security robust despite performing authenticated CCMP encryption.
The code is largely self contained python code (other than scapy). As a demo it's set up to run with mac80211_hwsim.
The cryptographic primitives for CCMP to demonstrate the individual building blocks directly.
Build the container with ./build.sh and then run it with ./setup.sh
./build.sh
./setup.sh
Inspect IP traffic
docker exec -it barely-ap tcpdump -i scapyap
docker exec -it barely-sta tcpdump -i wlan1