| WIKI | FAQ | Tech FAQ | |
 http://csua.com/feed/ | |
| ||||||
| 7/8 |
| 2006/1/25-27 [Computer/SW/OS/FreeBSD] UID:41508 Activity:nil |
1/25 FreeBSD users: What's the official way to specify network
priority when configuring wireless networks on a laptop that
travels between multiple networks? Some are open AP, some use
WEP, and some use WPA. FreeBSD Handbook only mentions the
manual ifconfig method.
\_ I think elite people write their own custom scripts.
This is a definite shortcoming with FreeBSD.
\_ I found this documentation after my post, which describes
using wpa_supplicant. It seems to work for me some of the
times, but not others. Very inconsistent. -op
http://www.freebsdmall.com/~loader/en_US.ISO8859-1/articles/wireless/article.html
http://tinyurl.com/ckjyy (freebsdmall.com) |
| www.freebsdmall.com/~loader/en_US.ISO8859-1/articles/wireless/article.html A basic wireless network consists of multiple stations communicating with radios that broadcast in either the 24GHz or 5GHz band (though this varies according to the locale and is also changing to enable communication in the 23Ghz and 49Ghz ranges). even when one station wants to communicate with another wireless station messages must go through the AP. In the second form of network there is no master and stations communicate directly. This form of network is termed an IBSS and is commonly know as an adhoc network. These specifications include the operating frequencies, MAC layer characteristics including framing and transmission rates (communication can be done at various rates). This protocol uses a fixed pre-shared key and the RC4 cryptographic cipher to encode data transmitted on a network. Stations must all agree on the identity of the fixed key in order to communmicate. This scheme was shown to be easily broken and is now rarely used except to discourage transient users from joining networks. Further, cryptographic keys are periodically refreshed and there are mechanisms for detecting intrusion attempts (and for countering intrusion attempts). Another security protocol specification commonly used in wireless networks is termed WPA. Specifically WPA defines the TKIP protocol that is derived from the original WEP protocol. Proper implementation of these protocols enable high speed bursting of data and prioritized traffic flow. The latter is separated into multiple modules so that you need only configure the software you are actually going to use. The most commonly used devices are those that use parts made by Atheros. The Atheros driver is split up into three separate pieces: the driver proper (ath), the hardware support layer that handles chip-specific functions (ath_hal), and an algorithm for selecting which of several possible rates for transmitting frames (ath_rate_sample here). If instead of an Atheros device you had another device you would select the module for that device; eg device wi for devices based on the Intersil Prism parts. These are intended to be dynanmically loaded on demand by the wlan module but for now they must be statically configured. If your network is to run totally open (ie with no encryption) then you don't even need the wlan_wep support. The wlan_xauth module is used to construct an authenticator based on the hostapd program; it delegates authentication requests for stations associating to an access point to an external agent (hostapd in this case). The wlan_acl module implements an access control mechanism whereby an AP can restrict the stations that associate based on their MAC address. Like WEP this is provided to discourage casual users from joining a network; in practice it provides little true security to a wireless network. Please note that you need to configure those modules manually as the kernel is not yet able to dynamically load them on-demand. Only the super-user can initiate such a scan: # ifconfig ath0 up scan dlinkap 00:13:46:49:41:76 6 54M 29:0 100 EPS WPA WME freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA Depending on the capabilities of the APs, the following flags can be included in the output: E Extended Service Set (ESS). Indicates that the station is part of an infrastructure network (in contrast to an IBSS/ad-hoc network). Indicates that the station is part of an ad-hoc network (in contrast to an ESS network). Data confidentiality is required for all data frames exchanged within the BSS. This means that this BSS requires the station to use cryptographic means such as WEP, TKIP or AES-CCMP to encrypt/decrypt data frames being exchanged with others. list scan: Display the access points and/or ad-hoc neighbors located in the vicinity. This information may be updated automatically by the adaptor and/or with a scan'' request. RSN (WPA2) uses CCMP (Counter Mode with CBC-MAC Protocol) instead of TKIP. Warning: Always use strong passwords that are sufficiently long and made from a rich alphabet so they won't be guessed and/or attacked. There is no authentication mechanism, only a weak form of access control, and it's easily to be cracked. It should in the index:key format, If the index is not give, key 1 is set. That is to say we need to set the index if we use other keys rather than the first key. And wpa_supplicant also can be used to locate and configure access points which configured with WEP. conf Trying to associate with 00:13:46:49:41:76 (SSID='dlinkap' freq=2437 MHz) Associated with 00:13:46:49:41:76 32 FreeBSD Host Access Points FreeBSD also can function as an Access Point, and now it supports WPA with the hostapd. debug: 0xc80000 => 0x44ec0400<debug,xrate,assoc,auth,scan,state,power,wme> If the above information does not help clarify the problem, please submit a problem report and include output from the above tools. |
| tinyurl.com/ckjyy -> www.freebsdmall.com/~loader/en_US.ISO8859-1/articles/wireless/article.html A basic wireless network consists of multiple stations communicating with radios that broadcast in either the 24GHz or 5GHz band (though this varies according to the locale and is also changing to enable communication in the 23Ghz and 49Ghz ranges). even when one station wants to communicate with another wireless station messages must go through the AP. In the second form of network there is no master and stations communicate directly. This form of network is termed an IBSS and is commonly know as an adhoc network. These specifications include the operating frequencies, MAC layer characteristics including framing and transmission rates (communication can be done at various rates). This protocol uses a fixed pre-shared key and the RC4 cryptographic cipher to encode data transmitted on a network. Stations must all agree on the identity of the fixed key in order to communmicate. This scheme was shown to be easily broken and is now rarely used except to discourage transient users from joining networks. Further, cryptographic keys are periodically refreshed and there are mechanisms for detecting intrusion attempts (and for countering intrusion attempts). Another security protocol specification commonly used in wireless networks is termed WPA. Specifically WPA defines the TKIP protocol that is derived from the original WEP protocol. Proper implementation of these protocols enable high speed bursting of data and prioritized traffic flow. The latter is separated into multiple modules so that you need only configure the software you are actually going to use. The most commonly used devices are those that use parts made by Atheros. The Atheros driver is split up into three separate pieces: the driver proper (ath), the hardware support layer that handles chip-specific functions (ath_hal), and an algorithm for selecting which of several possible rates for transmitting frames (ath_rate_sample here). If instead of an Atheros device you had another device you would select the module for that device; eg device wi for devices based on the Intersil Prism parts. These are intended to be dynanmically loaded on demand by the wlan module but for now they must be statically configured. If your network is to run totally open (ie with no encryption) then you don't even need the wlan_wep support. The wlan_xauth module is used to construct an authenticator based on the hostapd program; it delegates authentication requests for stations associating to an access point to an external agent (hostapd in this case). The wlan_acl module implements an access control mechanism whereby an AP can restrict the stations that associate based on their MAC address. Like WEP this is provided to discourage casual users from joining a network; in practice it provides little true security to a wireless network. Please note that you need to configure those modules manually as the kernel is not yet able to dynamically load them on-demand. Only the super-user can initiate such a scan: # ifconfig ath0 up scan dlinkap 00:13:46:49:41:76 6 54M 29:0 100 EPS WPA WME freebsdap 00:11:95:c3:0d:ac 1 54M 22:0 100 EPS WPA Depending on the capabilities of the APs, the following flags can be included in the output: E Extended Service Set (ESS). Indicates that the station is part of an infrastructure network (in contrast to an IBSS/ad-hoc network). Indicates that the station is part of an ad-hoc network (in contrast to an ESS network). Data confidentiality is required for all data frames exchanged within the BSS. This means that this BSS requires the station to use cryptographic means such as WEP, TKIP or AES-CCMP to encrypt/decrypt data frames being exchanged with others. list scan: Display the access points and/or ad-hoc neighbors located in the vicinity. This information may be updated automatically by the adaptor and/or with a scan'' request. RSN (WPA2) uses CCMP (Counter Mode with CBC-MAC Protocol) instead of TKIP. Warning: Always use strong passwords that are sufficiently long and made from a rich alphabet so they won't be guessed and/or attacked. There is no authentication mechanism, only a weak form of access control, and it's easily to be cracked. It should in the index:key format, If the index is not give, key 1 is set. That is to say we need to set the index if we use other keys rather than the first key. And wpa_supplicant also can be used to locate and configure access points which configured with WEP. conf Trying to associate with 00:13:46:49:41:76 (SSID='dlinkap' freq=2437 MHz) Associated with 00:13:46:49:41:76 32 FreeBSD Host Access Points FreeBSD also can function as an Access Point, and now it supports WPA with the hostapd. debug: 0xc80000 => 0x44ec0400<debug,xrate,assoc,auth,scan,state,power,wme> If the above information does not help clarify the problem, please submit a problem report and include output from the above tools. |