[20070816]
|
Network auto-detection scripts
Some time ago
I had to redo the network auto-detection scripts on
my laptop when the harddisk crashed and I had no backup.
Here's an attempt at documenting things.
The picture: My laptop has an ethernet and a wireless card,
tlp0 and ath0. Ethernet can be plugged in at times, and should have
precedence over wireless -- this is mostly to prevent a wifi network
bouncing up and down interrupting operating via the cable. Wireless can be
configured in several ways, including no security, WEP or WPA.
The machine should try to find network when
waking up from APM, when ethernet is plugged in, or when a
wireless network is found (using whatever SSID).
The idea is to use
wpa_supplicant(8)
to detect wifi networks and mark the ath0 interface as
"connected".
NetBSD's
ifwatchd(8)
is used
to detect if either ethernet or wifi is "connected" or disconnected
when the machine's either running, or returning from sleep.
A shell script then runs dhcp and does assorted setup and cleanup.
The main engine in this setup is ifwatchd(8),
which basically handles all the work that's either induced by
kicking wpa_supplicant(8) via APM, wpa_supplicant(8) finding a
working wifi network, or by plugging in/out an ethernet cable.
The configuration:
- /etc/rc.conf:
apmd=yes
wpa_supplicant=yes
wpa_supplicant_flags="-B -iath0 -c/root/wpa.conf"
ifwatchd=yes
ifwatchd_flags="-c /root/ifwatch-up -n /root/ifwatch-down tlp0 ath0"
- WPA supplicant config: /root/wpa.conf
Here's a sample config file for wpa_supplicant(8) that I use
for University, home and another place. Note that the WPA in there
is a bit more complex than in a home-setup with just a pre-shared key
(PSK):
% cat /root/wpa.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
#
# WPA-enabled network with identities
# (used at uni-regensburg.de and fh-regensburg.de)
#
network={
ssid="802.11i"
key_mgmt=WPA-EAP
eap=TTLS
identity="abc12345"
password="foobar"
phase2="auth=PAP"
}
#
# An unencrypted (open) network:
#
network={
ssid="eyeswideshut"
scan_ssid=1
key_mgmt=NONE
}
#
# A WEP-encrypted network with pre-shared key:
#
network={
ssid="wepssid"
scan_ssid=1
key_mgmt=NONE
wep_key0="wepkey"
#wep_tx_keyidx=0
#priority=5
}
- Watching interfaces: /root/ifwatch-updown
ifwatchd(8) can't pass parameters, so I'm using two different
scripts, and then look at $0 to see if we're going up or down:
% ls -la /root/ifwatch-*
lrwxr-xr-x 1 root wheel 14 Mar 10 12:27 /root/ifwatch-down -> ifwatch-updown
lrwxr-xr-x 1 root wheel 14 Mar 10 12:27 /root/ifwatch-up -> ifwatch-updown
-rwxr-xr-x 1 root wheel 760 Aug 16 11:45 /root/ifwatch-updown
Here is the script that handles ethernet and wifi networks
going up and down:
% cat /root/ifwatch-updown
#!/bin/sh
#
# See if network is going up or down, to be called via ifwatchd(8)
#
# Copyright (c) 2007 Hubert Feyrer <hubert@feyrer.de>
# All rights reserved.
#
case $0 in
*-up)
case $1 in
tlp*)
# Disable wireless bouncing up and down if we're on wire
#
logger stopping wpa_supplicant
sh /etc/rc.d/wpa_supplicant stop
;;
esac
pkill dhclient
sh /etc/rc.d/network restart
dhclient $1
sh /etc/rc.d/ntpd restart
;;
*-down)
case $1 in
tlp*)
# Re-enable wireless if we go off-wire
#
logger starting wpa_supplicant
sh /etc/rc.d/wpa_supplicant start
;;
esac
pkill -x ssh
sh /etc/rc.d/ntpd stop
pkill dhclient
sh /etc/rc.d/network stop
route delete 194.95.108.0/24
;;
*)
logger "$0 $@": unknown
;;
esac
logger "$0 $@" done.
echo ^G >/dev/console
A few comments:
- As the comment says, if the ethernet interface (tlp)
is found to be connected, wpa_supplicant(8) is stopped to prevent
it from bouncing up and down and possibly disrupt things.
- I stop the network at every time, to flush routes and everything.
This mostly works, but not completely, thus I remove one route
manually. Someone please fix "route flush"...
- I use NTP, and to prevent ntpd(8) from spamming the logs when
offline, I disable it when offline.
- When network goes away, I kill my ssh sessions. I prefer this
over dead sessions that I have to kill with ~.
- The echo-command in the last line sends a beep with ^G to give
a signal that network's up/down now.
- APM setup:
During my experiments, wpa_supplicant(8) died during suspend/resume,
I thus stop it before suspending, and start after resuming. This
may also have positive effects on power consumption (if not it should
probably be hooked in here). My machine uses APM, and I mostly use
/usr/share/examples/apm/script, see that file for install instructions.
Here's the diff that I use to handle wpa_supplicant - dhclient is
restarted via ifwatchd:
% diff -u /usr/share/examples/apm/script /etc/apm/battery
--- /usr/share/examples/apm/script 2003-03-11 15:56:54.000000000 +0100
+++ /etc/apm/battery 2007-03-10 12:57:21.000000000 +0100
@@ -25,7 +25,7 @@
S=/usr/X11R6/share/kde/sounds
# What my network card's recognized as:
-if=ne0
+if=ath0
LOGGER='logger -t apm'
@@ -43,8 +43,11 @@
# In case some NFS mounts still exist - we don't want them to hang:
umount -a -t nfs
umount -a -f -t nfs
- ifconfig $if down
- sh /etc/rc.d/dhclient stop
+
+ sh /etc/rc.d/wpa_supplicant stop
+
+ cd /usr/tmp ; make off
+
$LOGGER 'Suspending done.'
;;
@@ -62,7 +65,9 @@
*resume)
$LOGGER 'Resuming...'
noise $S/KDE_Startup.wav
- sh /etc/rc.d/dhclient start
+
+ sh /etc/rc.d/wpa_supplicant start
+
# mount /home
# mount /data
$LOGGER 'Resuming done.'
The "make off" when shutting down the machine unmounts the
cgf-encrypted data partition
that I'm using for SSH and PGP keys. I manually mount it when
I need it again.
With these four steps -- rc.conf, wpa.conf, ifwatch-script, and APM script
-- things should be in place to auto-detect cable and wifi networks,
and get things online.
The future -- more work on this would include
adding ACPI/powerd(8) scripts,
and putting all of this either into the default NetBSD install,
or at least into NetBSD's /usr/share/examples.
[Tags: apm, cgd, cgf, ifwatchd, networking, wlan, wpa]
|
[20070814]
|
Catching up: netbsd.se web design contest, CuWIN, cobalt restore CD, ...
Ok, some more busy days have passed, and I feel like I should post
about things that have happened. Sorry for not being more upto
date. So, what happened in NetBSD land?
[Tags: acpi, cobalt, contest, cuwin, mp3, netbsd.se, podcast, pofacs, soekris, wlan]
|
[20051206]
|
Patch: an(4) radiotap for NetBSD 3.0 (Update #1)
Eric Auge has privided a patch against the an(4) driver for
Aironet 4500/4800 and Cisco 340/350 series wireless network drivers in
the upcoming NetBSD 3.0
release (available today on the netbsd-3 branch ans via some
release candidates), allowing it to capture tcpdump(8) packets
including their IEEE 802.11 headers.
The patch also includes support for newer firmwares.
See
his mail
for more information and a link to his patch.
Update #1:
Eric has updated me that ``radiotap gives informations about the state of the card at the time
the packet was received, the best example for that is using radiotap headers
to have signal/noise informations without each time asking the card (using
ioctl()).
With radiotap header the signal informations for this packet are embedded
in those headers, same for channel informations, malformed packet flags,
other flags or infos the card can provide directly within the driver
(usually not accessible from userland) etc..''
For more data, see the
ieee80211_radiotap(9)
manpage (on -current, maybe 3.0 - I'm happy with 2.1 on my
laptop!)
[Tags: networking, radiotap, wlan]
|
[20051126]
|
ural(4) for NetBSD 3.0
iMil has finished a backport of the latest ural(4) driver
from NetBSD-current to the netbsd-3 branch. See
his mail for all the details.
[Tags: drivers, wlan]
|
[20051107]
|
Article: Secure WiFi client stack supports WPA2, CCX, Linux
In context of Devicescape Software ``shipping a "cross-platform" WiFi
stack for wireless consumers and office client devices'',
their Vice President of Marketing, Glee Flinchbaugh is quoted to admit
that while ``Wireless access points seem to all be running Linux''
that ``There's a little bit of NetBSD out there''.
See the
full article
for more.
[Tags: Articles, wlan]
|
[20051016]
|
Volunteers wanted for a wireless "mesh" network
David Young is working on CUWiN, which is
`` an IPv4 / IPv6 network that provides both a community intranet and Internet service over a "mesh" of wireless routers on subscribers' homes''.
If you want to help out on the project, which is
``an inexhaustible supply of sub-projects'', check
David's mail to tech-net
or check out his pages on
Internet gateway selection and a
simulation environment.
[Tags: ipv6, mesh, wlan]
|
[20051002]
|
WPA Support in NetBSD-current
If you have a recent wireless card and access point, you can use
NetBSD(-current) now to use
Wi-Fi Protected Access - WPA.
Steve Woodford has imported the necessary code and also sent
instructions
on how to use it - seems fairly trivial.
BTW, to those wondering, the code is originally offered under a
BSD/GPL dual-license. The BSD part is of course what NetBSD chooses,
hence no import of this into src/gnu.
[Tags: Security, wlan]
|
[20050807]
|
WPA / IEEE 802.1x progress
It seems that Ronald van der Pol
convinced
NetBSD to talk IEEE 802.1 authentication for wireless LAN
using hostapd with his Atheros card. It seems that
a few small patches
were needed to compile things, but nothing serious.
Let's hope this gets integrated into NetBSD and documented(!)
eventually. (We should start a WLAN chapter in the NetBSD Guide... :)
(Why is this interesting for me and Jan? I've moved to teach
at Jan's campus this fall, and they seem to be phasing out the
MAC/DHCP-based wireless LAN with something that's using
IEEE 802.1x and some *yuck* Windows-domain accounts - but at
least no more seperate registration for machines then...)
[Tags: wlan, wpa]
|
[20050608]
|
Article: Open Mesh
There's an article
that describes how to skip the digital divide by making bandwidth
cheaply available via mesh neighbourhoods PCs. The article
introduces the solution by the Champaign-Urbana Community Wireless Network (CUWiN)
which uses a software setup based on NetBSD
and freely available. Interesting detail: automatic software
upgrade made easy.
[Tags: Articles, mesh, wlan]
|
[20050323]
|
ural(4) - Ralink Technology RT2500USB IEEE 802.11 driver
Fukaumi Naoki has ported Damien Bergamini's ural(4) to NetBSD,
see his posting to tech-kern.
[Tags: wlan]
|
|
Tags: ,
2bsd,
34c3,
3com,
501c3,
64bit,
acl,
acls,
acm,
acorn,
acpi,
acpitz,
adobe,
adsense,
Advocacy,
advocacy,
advogato,
aes,
afs,
aiglx,
aio,
airport,
alereon,
alex,
alix,
alpha,
altq,
am64t,
amazon,
amd64,
anatomy,
ansible,
apache,
apm,
apple,
arkeia,
arla,
arm,
art,
Article,
Articles,
ascii,
asiabsdcon,
aslr,
asterisk,
asus,
atf,
ath,
atheros,
atmel,
audio,
audiocodes,
autoconf,
avocent,
avr32,
aws,
axigen,
azure,
backup,
balloon,
banners,
basename,
bash,
bc,
beaglebone,
benchmark,
bigip,
bind,
blackmouse,
bldgblog,
blog,
blogs,
blosxom,
bluetooth,
board,
bonjour,
books,
boot,
boot-z,
bootprops,
bozohttpd,
bs2000,
bsd,
bsdca,
bsdcan,
bsdcertification,
bsdcg,
bsdforen,
bsdfreak,
bsdmac,
bsdmagazine,
bsdnexus,
bsdnow,
bsdstats,
bsdtalk,
bsdtracker,
bug,
build.sh,
busybox,
buttons,
bzip,
c-jump,
c99,
cafepress,
calendar,
callweaver,
camera,
can,
candy,
capabilities,
card,
carp,
cars,
cauldron,
ccc,
ccd,
cd,
cddl,
cdrom,
cdrtools,
cebit,
centrino,
cephes,
cert,
certification,
cfs,
cgd,
cgf,
checkpointing,
china,
christos,
cisco,
cloud,
clt,
cobalt,
coccinelle,
codian,
colossus,
common-criteria,
community,
compat,
compiz,
compsci,
concept04,
config,
console,
contest,
copyright,
core,
cortina,
coverity,
cpu,
cradlepoint,
cray,
crosscompile,
crunchgen,
cryptography,
csh,
cu,
cuneiform,
curses,
curtain,
cuwin,
cvs,
cvs-digest,
cvsup,
cygwin,
daemon,
daemonforums,
daimer,
danger,
darwin,
data,
date,
dd,
debian,
debugging,
dell,
desktop,
devd,
devfs,
devotionalia,
df,
dfd_keeper,
dhcp,
dhcpcd,
dhcpd,
dhs,
diezeit,
digest,
digests,
dilbert,
dirhash,
disklabel,
distcc,
dmesg,
Docs,
Documentation,
donations,
draco,
dracopkg,
dragonflybsd,
dreamcast,
dri,
driver,
drivers,
drm,
dsl,
dst,
dtrace,
dvb,
ec2,
eclipse,
eeepc,
eeepca,
ehci,
ehsm,
eifel,
elf,
em64t,
Embedded,
embedded,
emips,
emulate,
encoding,
envsys,
eol,
espresso,
etcupdate,
etherip,
euca2ools,
eucalyptus,
eurobsdcon,
eurosys,
Events,
exascale,
ext3,
f5,
facebook,
falken,
fan,
faq,
fatbinary,
features,
fefe,
ffs,
filesystem,
fileysstem,
firefox,
firewire,
fireworks,
flag,
flash,
flashsucks,
flickr,
flyer,
fmslabs,
force10,
fortunes,
fosdem,
fpga,
freebsd,
freedarwin,
freescale,
freex,
freshbsd,
friendlyAam,
friendlyarm,
fritzbox,
froscamp,
fsck,
fss,
fstat,
ftp,
ftpd,
fujitsu,
fun,
fundraising,
funds,
funny,
fuse,
fusion,
g4u,
g5,
galaxy,
games,
gcc,
gdb,
gentoo,
geode,
getty,
gimstix,
git,
gnome,
google,
google-soc,
googlecomputeengine,
gpio,
gpl,
gprs,
gracetech,
gre,
groff,
groupwise,
growfs,
grub,
gumstix,
guug,
gzip,
hackathon,
hackbench,
hal,
hanoi,
happabsd,
hardware,
Hardware,
haze,
hdaudio,
heat,
heimdal,
hf6to4,
hfblog,
hfs,
history,
hosting,
hotplug,
hp,
hp700,
hpcarm,
hpcsh,
hpux,
html,
httpd,
hubertf,
hurd,
i18n,
i386,
i386pkg,
ia64,
ian,
ibm,
ids,
ieee,
ifwatchd,
igd,
iij,
image,
images,
imx233,
imx7,
information,
init,
initrd,
install,
intel,
interix,
internet2,
interview,
interviews,
io,
ioccc,
iostat,
ipbt,
ipfilter,
ipmi,
ipplug,
ipsec,
ipv6,
irbsd,
irc,
irix,
iscsi,
isdn,
iso,
isp,
itojun,
jail,
jails,
japanese,
java,
javascript,
jetson,
jibbed,
jihbed,
jobs,
jokes,
journaling,
kame,
kauth,
kde,
kerberos,
kergis,
kernel,
keyboardcolemak,
kirkwood,
kitt,
kmod,
kolab,
kvm,
kylin,
l10n,
landisk,
laptop,
laptops,
law,
ld.so,
ldap,
lehmanns,
lenovo,
lfs,
libc,
license,
licensing,
linkedin,
links,
linksys,
linux,
linuxtag,
live-cd,
lkm,
localtime,
locate.updatedb,
logfile,
logging,
logo,
logos,
lom,
lte,
lvm,
m68k,
macmini,
macppc,
macromedia,
magicmouse,
mahesha,
mail,
makefs,
malo,
mame,
manpages,
marvell,
matlab,
maus,
max3232,
mbr95,
mbuf,
mca,
mdns,
mediant,
mediapack,
meetbsd,
mercedesbenz,
mercurial,
mesh,
meshcube,
mfs,
mhonarc,
microkernel,
microsoft,
midi,
mini2440,
miniroot,
minix,
mips,
mirbsd,
missile,
mit,
mixer,
mobile-ip,
modula3,
modules,
money,
mouse,
mp3,
mpls,
mprotect,
mtftp,
mult,
multics,
multilib,
multimedia,
music,
mysql,
named,
nas,
nasa,
nat,
ncode,
ncq,
ndis,
nec,
nemo,
neo1973,
netbook,
netboot,
netbsd,
netbsd.se,
nethack,
nethence,
netksb,
netstat,
netwalker,
networking,
neutrino,
nforce,
nfs,
nis,
npf,
npwr,
nroff,
nslu2,
nspluginwrapper,
ntfs-3f,
ntp,
nullfs,
numa,
nvi,
nvidia,
nycbsdcon,
office,
ofppc,
ohloh,
olimex,
olinuxino,
olpc,
onetbsd,
openat,
openbgpd,
openblocks,
openbsd,
opencrypto,
opendarwin,
opengrok,
openmoko,
openoffice,
openpam,
openrisk,
opensolaris,
openssl,
or1k,
oracle,
oreilly,
oscon,
osf1,
osjb,
paas,
packages,
pad,
pae,
pam,
pan,
panasonic,
parallels,
pascal,
patch,
patents,
pax,
paypal,
pc532,
pc98,
pcc,
pci,
pdf,
pegasos,
penguin,
performance,
pexpect,
pf,
pfsync,
pgx32,
php,
pie,
pike,
pinderkent,
pkg_install,
pkg_select,
pkgin,
pkglint,
pkgmanager,
pkgsrc,
pkgsrc.se,
pkgsrccon,
pkgsrcCon,
Platforms,
plathome,
pleiades,
pocketsan,
podcast,
pofacs,
politics,
polls,
polybsd,
portability,
posix,
postinstall,
power3,
powernow,
powerpc,
powerpf,
pppoe,
precedence,
preemption,
prep,
presentations,
prezi,
Products,
products,
proplib,
protectdrive,
proxy,
ps,
ps3,
psp,
psrset,
pthread,
ptp,
ptyfs,
Publications,
puffs,
puredarwin,
pxe,
qemu,
qnx,
qos,
qt,
quality-management,
quine,
quote,
quotes,
r-project,
ra5370,
radio,
radiotap,
raid,
raidframe,
rants,
raptor,
raq,
raspberrypi,
rc.d,
readahead,
realtime,
record,
refuse,
reiserfs,
Release,
releases,
Releases,
releng,
reports,
resize,
restore,
ricoh,
rijndael,
rip,
riscos,
rng,
roadmap,
robopkg,
robot,
robots,
roff,
rootserver,
rotfl,
rox,
rs323,
rs6k,
rss,
ruby,
rump,
rzip,
sa,
safenet,
san,
sata,
savin,
sbsd,
scampi,
scheduler,
scheduling,
schmonz,
sco,
screen,
script,
sdf,
sdtemp,
secmodel,
Security,
security,
sed,
segvguard,
seil,
sendmail,
serial,
serveraptor,
sfu,
sge,
sgi,
sgimips,
sh,
sha2,
shark,
sharp,
shisa,
shutdown,
sidekick,
size,
slackware,
slashdot,
slides,
slit,
smbus,
smp,
sockstat,
soekris,
softdep,
softlayer,
software,
solaris,
sony,
sound,
source,
source-changes,
spanish,
sparc,
sparc64,
spider,
spreadshirt,
spz,
squid,
ssh,
sshfs,
ssp,
statistics,
stereostream,
stickers,
storage,
stty,
studybsd,
subfile,
sudbury,
sudo,
summit,
sun,
sun2,
sun3,
sunfire,
sunpci,
support,
sus,
suse,
sushi,
susv3,
svn,
swcrypto,
symlinks,
sysbench,
sysctl,
sysinst,
sysjail,
syslog,
syspkg,
systat,
systrace,
sysupdate,
t-shirt,
tabs,
talks,
tanenbaum,
tape,
tcp,
tcp/ip,
tcpdrop,
tcpmux,
tcsh,
teamasa,
tegra,
teredo,
termcap,
terminfo,
testdrive,
testing,
tetris,
tex,
TeXlive,
thecus,
theopengroup,
thin-client,
thinkgeek,
thorpej,
threads,
time,
time_t,
timecounters,
tip,
tk1,
tme,
tmp,
tmpfs,
tnf,
toaster,
todo,
toolchain,
top,
torvalds,
toshiba,
touchpanel,
training,
translation,
tso,
tty,
ttyrec,
tulip,
tun,
tuning,
uboot,
ucom,
udf,
ufs,
ukfs,
ums,
unetbootin,
unicos,
unix,
updating,
upnp,
uptime,
usb,
usenix,
useradd,
userconf,
userfriendly,
usermode,
usl,
utc,
utf8,
uucp,
uvc,
uvm,
valgrind,
vax,
vcfe,
vcr,
veriexec,
vesa,
video,
videos,
virtex,
virtualization,
vm,
vmware,
vnd,
vobb,
voip,
voltalinux,
vpn,
vpnc,
vulab,
w-zero3,
wallpaper,
wapbl,
wargames,
wasabi,
webcam,
webfwlog,
wedges,
wgt624v3,
wiki,
willcom,
wimax,
window,
windows,
winmodem,
wireless,
wizd,
wlan,
wordle,
wpa,
wscons,
wstablet,
X,
x.org,
x11,
x2apic,
xbox,
xcast,
Xen,
xen,
xfree,
xfs,
xgalaxy,
xilinx,
xkcd,
xlockmore,
xmms,
xmp,
xorg,
xscale,
youos,
youtube,
zaurus,
zdump,
zfs,
zlib
'nuff.
Grab the RSS-feed,
index,
or go back to my regular NetBSD page
Disclaimer: All opinion expressed here is purely my own.
No responsibility is taken for anything.