Wireless overview

Introduction

Linux Wireless is the source for documentation regarding the entire Linux Kernel IEEE 802.11 ("wireless") subsystem. It is a wiki like this one, so feel free to contribute there as well! Everything not OpenWrt specific, belongs there. This page is an exception, as I believe I can provide a better introduction. ;-)

  • IEEE 802.3 is a family of communication protocols comprising Layer 1 and Layer 2 Sublayer MAC
  • IEEE 802.3 has an official name: Ethernet
  • IEEE 802.11 is a family of communication protocols also comprising Layer 1 and Layer 2 Sublayer MAC
  • IEEE 802.11 has no official name; so most people simply call it "wireless" or "wavelan" or wifi (note that Wi-Fi is a brand name)
  • The support for IEEE 802.11 in the Linux-Kernel is fragmented: this means there are two frames (WEXT=deprecated, cfg80211 + nl80211=current) and multiple drivers, e.g.
    • for some atheros WNICs, there are three drivers available: atheros proprietary drivers, madwifi-driver and atheros mac80211-based drivers (ath5, ath9 and ath10k)
    • for some broadcom WNICs, there are also three drivers available: broadcom proprietary drivers, broadcom mac80211-based drivers (the b43) and the brcmSmac- and brcmFmac drivers
    • There are two different types of WNICs to distinguish: SoftMAC and FullMAC devices; also see About mac80211.
  • In contrast to Ethernet drivers, wireless drivers work in a Wireless Mode of Operation.

Wireless Modes of Operation

Driver support for wireless modes of operation

See what the Linux 802.11 driver for your hardware can and cannot do. Some drivers support only one mode: STA (also called station, client or managed mode) other drivers support multiple modes, some even simultaneously:

Limitations when combining multiple wireless modes of operation at the same time do exist.

Regulation in law

Available Frequencies, Bands and Channels are subject to regulation in each state. Please see: http://git.kernel.org/cgit/linux/kernel/git/linville/wireless-regdb.git/tree/db.txt

Wireless Drivers in OpenWrt

Wireless drivers are pulled on a more or less regularly basis from wireless-testing and the OpenWrt-patches which are not mainlined yet are adjusted, see e.g. r36939. The package is called mac80211 in OpenWrt using work of the backports project, previously called compat-wireless or compat-drivers.

Wireless Utilities in OpenWrt

Wireless Tools and Applications available in the OpenWrt repository

Captive portal software available in the OpenWrt repository

nocatauth Layer 3
NoCatAuth is the original "catch and release" captive portal implementation. It provides a simple splash screen web page for clients on your network, as well as a variety of authenticated modes. NoCatAuth is written in Perl.
nocatsplash Layer 3
NoCatSplash is an Open Public Network Gateway Daemon. It performs as a [captive/open/active] portal. When run on a gateway/router on a network, all web requests are redirected until the client either logs in or clicks "I Accept" to an AUP. The gateway daemon then changes the firewall rules on the gateway to pass traffic for that client (based on IP address and MAC address).
NoCatSplash is the C port of NoCatAuth
nodogsplash Layer 3 https://github.com/nodogsplash/nodogsplash
NoDogSplash offers a simple way to open a free hotspot providing restricted access to an internet connection.
It is another alternative from NoCat which aims to offer captive portal solutions local to the router/gateway and a simplistic setup, user bandwidth control and basic auth/splash page. Nodogsplash is small, well tested, tailored for OpenWrt by its author and can be set up with only one or two config file changes, in contrast Chilli is more complete but complex to set up.
wifidog Layer 3 http://dev.wifidog.org/
The Wifidog project is a complete and embeddable captive portal solution for wireless community groups or individuals who wish to open a free Hotspot while still preventing abuse of their Internet connection.
Originally forked from NoCatSplash and NoCatAuth,ran at layer3 using iptables as opposed to chillispots layer2 solutions. Wifidog offers a simple package and none uci based configuration file. Users can be managed and controlled through the gateway and hooked into any custom user management. This solution creates a custom central user management system. You can build your own login page and user management system or use their own portal system.
chillispot Layer 2 http://www.chillispot.org/
ChilliSpot is an open source captive portal or wireless LAN access point controller. It is used for authenticating users of a wireless LAN. It supports web based login which is today's standard for public HotSpots and it supports Wireless Protected Access (WPA) which is the standard of the future. Authentication, authorization and accounting (AAA) is handled by your favorite RADIUS server.
Layer 2 solution using a RADIUS database for the backend user management and tracking. WARNING: This project may be dead. There hasn't really been much work on this project for years. Which leads to the next project.
coova-chilli Layer 2 / Layer 3 http://www.coova.org/
CoovaChilli is an open source access controller for wireless LAN access points and is based on ChilliSpot. It is used for authenticating users of a wireless (or wired) LAN. It supports web based login (UAM) which is today's standard for public HotSpots and it supports Wireless Protected Access (WPA) which is the standard of the future. Authentication, authorization and accounting (AAA) is handled by your favorite RADIUS server.
Built on top of Chillispot with several improvements and additions. Includes WISPr support, and much more. Main captive portal solution used in CoovaAP.
pepperspot Layer 2 http://sourceforge.net/projects/pepperspot/
PepperSpot is a captive portal or wireless LAN access point controller which support the IPv6 protocol. It supports web based login and it supports Wireless Protected Access (WPA). Authentication is handled by your favorite RADIUS server (over IPv4/IPv6).
Another Chillispot fork. Support for IPv6 protocol, Wireless Protected Access (WPA). Also RADIUS server backend.

Wireless packages available in the OpenWrt repository

This shall be, but is not, an exhaustive list of all packages in the OpenWrt repository regarding wireless stuff to play with. The installation is always the same opkg install <package>, for documentation regarding the configuration and utilization, search for Howtos in this wiki or in the Internet.

Name Size Description
airpwn 23618 Airpwn is a framework for 802.11 (wireless) packet injection. Airpwn listens to incoming wireless packets, and if the data matches a pattern specified in the config files, custom content is injected "spoofed" from the wireless access point. From the perspective of the wireless client, airpwn becomes the server.
collectd-mod-wireless 7321 wireless status input plugin
freifunk-watchdog 9546 A watchdog daemon that monitors wireless interfaces to ensure the correct BSSID and channel. The process will initiate a wireless restart as soon as it detects a BSSID or channel mismatch.
karma 8605 KARMA is a set of tools for assessing the security of wireless clients at multiple layers. Wireless sniffing tools discover clients and their preferred/trusted networks by passively listening for 802.11 Probe Request frames.
kmod-wprobe 9408 A module that exports measurement data from wireless driver to user space
mdk3 49495 Tool to exploit wireless vulnerabilities
wavemon 32209 wavemon is a ncurses-based monitoring application for wireless network devices. Based on WEXT-API
wireless-tools 30236 This package contains a collection of tools for configuring wireless adapters implementing WEXT-API

Wireless drivers available in the OpenWrt repository

E.g.:

Package Dependencies
kmod-ath9k
kmod-ath9k-common
kmod-ath
kmod-mac80211
kmod-crypto-core
kmod-crypto-arc 4 kmod-crypto-core
kmod-crypto-aes
kmod-cfg80211 wireless-tools
iw libnl-tiny
crda
Overall size = 486.450 Bytes
kmod-ath5k
kmod-ath
kmod-mac80211
kmod-crypto-core
kmod-crypto-arc 4 kmod-crypto-core
kmod-crypto-aes
kmod-cfg80211 wireless-tools
iw libnl-tiny
crda
Overall size = 308.902 Bytes
kmod-b43
kmod-ssb
kmod-bcma
kmod-mac80211
kmod-crypto-core
kmod-crypto-arc 4 kmod-crypto-core
kmod-crypto-aes
kmod-cfg80211 wireless-tools
iw libnl-tiny
crda
Overall size = 561.201 Bytes
Name Size Description
kmod-ath9k 155.684 This module adds support for wireless adapters based on Atheros IEEE 802.11n AR5008 and AR9001 family of chipsets.
kmod-ath9k-htc 113.441 This module adds support for wireless adapters based on Atheros USB AR9271 and AR7010 family of chipsets.
kmod-ath9k-common 104.136 Atheros 802.11n wireless devices (common code for ath9k and ath9k_htc)
kmod-ath5k 82.272 This module adds support for wireless adapters based on Atheros 5xxx chipset.
kmod-ath 10.059 This module contains some common parts needed by Atheros Wireless drivers.
kmod-b43 210.860 Kernel module for Broadcom 43xx wireless support (mac80211 stack)
kmod-mac80211 139.372 Generic IEEE 802.11 Networking Stack (mac80211)
kmod-cfg80211 93.696 cfg80211 is the Linux wireless LAN (802.11) configuration API.
iw 32.100 cfg80211 interface configuration utility
wireless-tools 23.153 Contains iwconfig, iwlist and iwpriv; tools for configuring wireless adapters implementing the WExt.
crda 9.627 The Central Regulatory Domain Agent serves one purpose: tell Linux kernel what to enforce. In essence it is a udev helper for communication between the kernel and userspace. You only need to run this manually for debugging purposes. For manual changing of regulatory domains use iw (iw reg set) or wpa-supplicant (feature yet to be added).
libnl-tiny 13.529 This package contains a stripped down version of libnl
Due to r31954 tweaking the regulatory.bin to enbale channel 13 and 14 is no longer an option.

Wireless security

  • WEP (unsecure, cracked)
  • WPA (sufficiently secure if strong passwords are used and WPS disabled)
  • WPA2 (secure if strong passwords are used and WPS disabled)
  • 802.11X (secure) Authentication of LDAP domain credentials. FIXME Can openwrt do this? With radius ?

Wireless recipes

You can find a couple of probed scenarios under →recipes.

Troubleshooting

Notes

OpenWrt Wireless FAQ

Back to top

doc/howto/wireless.overview.txt · Last modified: 2014/06/01 15:48 by aavelarbr