2006年11月6日 星期一
Hostapd configuration
With debug message
./hostapd -dd /etc/hostapd.conf
/etc/hostapd.conf的範例如下
interface=ath0
bridge=br0
driver=madwifi
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=0
debug=0
ssid=imhotep
macaddr_acl=0
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
wpa=1
#wpa_psk_file=/etc/hostapd.wpa_psk
wpa_passphrase=abcdefgh
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
wpa_group_rekey=600
wpa_gmk_rekey=86400
1.WPA
# This field is a bit field that can be used to enable WPA (IEEE 802.11i/D3.0)
# and/or WPA2 (full IEEE 802.11i/RSN):
# bit0 = WPA
# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
wpa = 1 /*WPA*/
wpa = 2 /*WPA2*/
wpa = 3 /*WPA, WPA2*/
2.Key management
# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both).
wpa_key_mgmt=WPA-PSK
wpa_key_mgmt=WPA-EAP
wpa_key_mgmt=WPA-PSK WPA-EAP
3.Encryption algorithms
# Set of accepted cipher suites (encryption algorithms) for pairwise keys
# (unicast packets). This is a space separated list of algorithms:
# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]
# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
wpa_pairwise=TKIP
wpa_pairwise=CCMP
wpa_pairwise=TKIP CCMP
Attention !!!
Remember to insmod wlan_ccmp driver while using CCMP
4.WPA Key
# WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit
# secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase
# (8..63 characters) that will be converted to PSK. This conversion uses SSID
# so the PSK changes when ASCII passphrase is used and the SSID is changed.
# wpa_psk (dot11RSNAConfigPSKValue)
# wpa_passphrase (dot11RSNAConfigPSKPassPhrase)
wpa_psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
wpa_passphrase=abcdefgh
2006年11月5日 星期日
Wirless tools by examples
1.列出可用的頻道及目前所使用的頻道
~ # iwlist ath0 channel
ath0 26 channels in total; available frequencies :
Channel 01 : 2.412 GHz
Channel 02 : 2.417 GHz
Channel 03 : 2.422 GHz
Channel 04 : 2.427 GHz
Channel 05 : 2.432 GHz
Channel 06 : 2.437 GHz
Channel 07 : 2.442 GHz
Channel 08 : 2.447 GHz
Channel 09 : 2.452 GHz
Channel 10 : 2.457 GHz
Channel 11 : 2.462 GHz
Channel 12 : 2.467 GHz
Channel 13 : 2.472 GHz
Current Frequency:2.422 GHz (Channel 3)
2.設定使用的第9頻道(2.452 GHz)
iwconfig ath0 channel 9
3.列出支援的傳輸速率
~ # iwlist ath0 rate
ath0 12 available bit-rates :
1 Mb/s
2 Mb/s
5.5 Mb/s
11 Mb/s
6 Mb/s
9 Mb/s
12 Mb/s
18 Mb/s
24 Mb/s
36 Mb/s
48 Mb/s
54 Mb/s
Current Bit Rate:0 kb/s
4.設定傳輸速率
~ # iwconfig ath0 rate 54M
5.載入wireless driver.啟動wireless interface並設定為access point
#載入driver且不create athX interface
modprobe ath_pci autocreate=none
#載入wep driver
insmod wlan_wep
wlanconfig ath0 destroy
#Create ath0 & wifi0 interface.設定為access point
wlanconfig ath0 create wlandev wifi0 wlanmode ap
6.設定ESSID
iwconfig ath0 essid myap
7.設定WEP encryption key
WEP encryption key 有64bits及128bits兩種.分別可以5及13個字元或10及26個十六進位數值.
同時可以有四把key可以使用.
~ # iwlist ath0 key
ath0 3 key sizes : 40, 104, 128bits
4 keys available :
[1]: 3132-3334-3637-1234-0000-1111-23 (104 bits)
[2]: off
[3]: off
[4]: off
Current Transmit Key: [1]
Security mode:restricted
#40-bit WEP (also known as 64-bit WEP with 40 secret bits)
#104-bit WEP (also known as 128-bit WEP with 104 secret bits)
#Set current key equal to string "abcde"
iwconfig ath0 key s:abcde
#Set key[1] equal to hex value 0123-4567-89
iwconfig ath0 key [1] 0123-4567-89
iwconfig ath0 key s:abcdefghijklm
iwconfig ath0 key 0123-4567-8901-2345-6789-0123-45
Security mode
有兩種模式open及restricted. 在open mode下不需要認證也會允許未加密的連線.在restricted mode下,加密認證是必要的.
#Set restricted mode, key[2] = abcde
iwconfig ath0 key restricted [2] s:abcde
關閉取消key
#Disable all key
iwconfig ath0 key off
設定使用的Key
#Set current key by key index 2
iwconfig ath0 key [2]
關閉AccessPoint
wlanconfig ath0 destroy
啟動AccessPoint
wlanconfig ath0 create wlandev wifi0 wlanmode ap
設定ESSID
iwconfig ath0 essid imhotep
加入Bridge control
brctl addif br0 ath0
設定physical layer
iwconfig ath0 channel 0
iwpriv ath0 mode 0 /*0 = auto, 1 = a, 2 = b, 3 = g*/
設定mac filter規則
iwpriv ath0 maccmd 0 /*No ACL checking is performed*/
iwpriv ath0 maccmd 1 /*Only allow ACLs in the ACL list*/
iwpriv ath0 maccmd 2 /*Only deny ACLs in the ACL list*/
iwpriv ath0 maccmd 3 /*Clear ACL list*/
iwpriv ath0 maccmd 4 /*Clear ACL list and no ACL checking is performed*/
加入mac address到ACL list
iwpriv ath0 addmac 00:11:22:33:44:55
刪除ACL list中的mac address
iwpriv ath0 delmac 00:11:22:33:44:55
進階設定
1.Beacon interval ( Default : 100, Milliseconds, Range : 1 - 65535)
iwpriv ath0 bintval 100
2.RTS/CTS Threshold ( Default : off, Range : 1 - 2346) , The smallest packet for which the node send RTS.
iwconfig ath0 rts 2346
iwconfig ath0 rts off /*Disable RTS*/
3.DTIM interval ( Default : 1, Range : 1 - 255)
iwpriv ath0 dtim_period 1
4.Atheros SuperA/G bursting mode (Default 1)
iwpriv ath0 burst 0 /* 1 Enable, 0 Disable */