Differences

This shows you the differences between two versions of the page.

doc:howto:wireless.overview [2012/11/26 05:00]
uvray313
doc:howto:wireless.overview [2013/10/17 09:07] (current)
rwx
Line 2: Line 2:
===== Introduction ===== ===== Introduction =====
-[[http://linuxwireless.org/en/users|Linux Wireless]] is //the// source for documentation regarding the entire **Linux IEEE 802.11 ("wireless") subsystem**. It is a wiki like this one, so feel free to contribute there as well! Everything not OpenWrt specific, belongs there. This page is an exception, as I believe I can provide a better introduction. ;-)+[[http://linuxwireless.org/en/users|Linux Wireless]] is //the// source for documentation regarding the entire **Linux Kernel IEEE 802.11 ("wireless") subsystem**. It is a wiki like this one, so feel free to contribute there as well! Everything not OpenWrt specific, belongs there. This page is an exception, as I believe I can provide a better introduction. ;-)
-  * IEEE 802.11 is a family of communication protocols comprising [[wp>Physical Layer|Layer 1]] and [[wp>Media Access Control|Layer 2 Sublayer MAC]] only! +  * IEEE 802.**3** is a family of communication protocols comprising [[wp>Physical Layer|Layer 1]] and [[wp>Media Access Control|Layer 2 Sublayer MAC]]  
-  * IEEE 802.11 has no official name; IEEE 802.3 is officially called "Ethernet", IEEE 1394 is unofficially called "Firewire", IEEE 802.11 has no name so most people simply call it "wireless" or "wavelan" or whatever ([[wp>Wi-Fi]] is a brand name) +  * IEEE 802.3 has an official name: //Ethernet// 
-  * Linux IEEE 802.11 support is rather fragmented. i.e. there are +  * IEEE 802.**11** is a family of communication protocols also comprising Layer 1 and Layer 2 Sublayer MAC 
-    * atheros proprietary drivers, madwifi-driver and atheros mac80211-based drivers (ie: ath5k and ath9k+  * IEEE 802.11 has no official name; so most people simply call it "wireless" or "wavelan" or ''wifi'' (note that [[wp>Wi-Fi]] is a brand name) 
-    * broadcom proprietary drivers, broadcom mac80211-based drivers (the b43) and the brcmSmac- and brcmFmac drivers +  * The support for IEEE 802.11 in the Linux-Kernel is fragmented: this means there are two frames (WEXT=deprecated, cfg80211 + nl80211=current) and multiple drivers, e.g. 
-      * to set up and configure **[[wireless utilities]]** are available, however on OpenWrt the configuration is done via UCI in the files ''[[doc/uci/wireless|/etc/config/wireless]]'' and ''[[doc/uci/network|/etc/config/network]]'' only! +    * for some atheros WNICs, there are three drivers available: atheros proprietary drivers, madwifi-driver and atheros mac80211-based drivers (''ath5'', ''ath9'' and ''ath10k''
- * The Linux //[[http://linuxwireless.org/en/developers/Documentation/mac80211|About mac80211]]// page distinguishes between [[http://www.linuxwireless.org/en/developers/Documentation/Glossary?highlight=%28softmac%29#SoftMAC|SoftMAC]] and [[http://www.linuxwireless.org/en/developers/Documentation/Glossary?highlight=%28FullMAC%29#FullMAC|FullMAC]] devices+    * for some broadcom WNICs, there are also three drivers available: broadcom proprietary drivers, broadcom mac80211-based drivers (the ''b43'') and the brcmSmac- and brcmFmac drivers 
-  * Linux IEEE 802.11 drivers always function on one of the available **[[http://linuxwireless.org/en/users/Documentation/modes|Wireless Modes]]**. Some support only one mode: STA (also called managed) other drivers support multiple modes, some even simultaneously+      * to set up and configure **[[wireless utilities]]** are available, however on OpenWrt we rather use UCI: ''[[doc/uci/wireless|/etc/config/wireless]]'' and ''[[doc/uci/network|/etc/config/network]]''. 
-  * Learn what the Linux 802.11 driver for //your// hardware can and cannot do. The [[http://linuxwireless.org/en/users/Drivers|Existing Linux Wireless drivers]] page covers the capabilities, bugs and TODOs for all the Linux FOSS drivers. You will need to go elsewhere to learn about the proprietary drivers.+   * There are two different types of WNICs to distinguish: [[http://www.linuxwireless.org/en/developers/Documentation/Glossary?highlight=%28softmac%29#SoftMAC|SoftMAC]] and [[http://www.linuxwireless.org/en/developers/Documentation/Glossary?highlight=%28FullMAC%29#FullMAC|FullMAC]] devices; also see //[[http://linuxwireless.org/en/developers/Documentation/mac80211|About mac80211]]//
 +  * In contrast to Ethernet drivers, wireless drivers work in a **Wireless Mode of Operation**.
-===== Wireless Drivers and Utilities in OpenWrt ===== +==== Wireless Modes of Operation ==== 
- * [[wireless.essentials|Wireless Essentials ]] +[[http://linuxwireless.org/en/users/Documentation/modes|Wireless Modes of Operation]]
-  * [[wireless utilities|Wireless Utilities]]+
-===== Wireless FAQ ===== + 
-  * ->[[http://wiki.openwrt.org/doc/faq/faq.wireless|Wireless FAQ]]+==== Driver support for wireless modes of operation ==== 
 +See what the Linux 802.11 driver for //your// hardware can and cannot do. Some drivers support only one mode: STA (also called station, client or managed mode) other drivers support multiple modes, some even simultaneously:\\ 
 +  * →[[http://wireless.kernel.org/en/users/Drivers|wireless.kernel.org: Driver capabilities: support for Wireless Modes of Operation]]\\ 
 +  * →[[wp>Comparison_of_open_source_wireless_drivers#Driver_capabilities|Wikipedia: Driver capabilities: support for Wireless Modes of Operation]] 
 +Limitations when combining multiple wireless modes of operation at the same time do exist.\\ 
 +  * →[[https://forum.openwrt.org/viewtopic.php?pid=204746#p204746|Driver limitations when combining multiple wireless modes of operation]] 
 + 
 + 
 +==== Regulation in law ==== 
 +Available Frequencies, Bands and Channels are subject to regulation in each state. 
 +Please see: http://git.kernel.org/cgit/linux/kernel/git/linville/wireless-regdb.git/tree/db.txt 
 + 
 + 
 +===== Wireless Drivers in OpenWrt ===== 
 +Wireless drivers are pulled on a more or less regularly basis from [[http://git.kernel.org/cgit/linux/kernel/git/linville/wireless-testing.git/|wireless-testing]] and the OpenWrt-patches which are not mainlined yet are adjusted, see e.g. [[https://dev.openwrt.org/changeset/36939/trunk|r36939]]. 
 +The package is called mac80211 in OpenWrt using work of the [[https://backports.wiki.kernel.org/index.php/Main_Page|backports]] project, previously called compat-wireless or compat-drivers. 
 +  * [[https://dev.openwrt.org/search?q=mac80211&changeset=on|commits to OpenWrt trunk regarding mac80211]] 
 +  * [[https://dev.openwrt.org/search?ticket=on&q=mac80211|tickets on mac80211]], better is a custom query in [[wp>Trac]]: e.g. [[https://dev.openwrt.org/query?status=accepted&status=assigned&status=new&status=reopened&description=~mac80211&max=20&order=priority|custom query]] 
 + 
 +===== Wireless Utilities in OpenWrt ===== 
 +  * [[wireless utilities|Wireless Utilities]]
Line 29: Line 49:
  * [[doc:howto:wireless.tool.horst]] – A scanning and analysis tool for IEEE 802.11 networks and especially IBSS (ad-hoc) mode and mesh networks (OLSR).   * [[doc:howto:wireless.tool.horst]] – A scanning and analysis tool for IEEE 802.11 networks and especially IBSS (ad-hoc) mode and mesh networks (OLSR).
  * [[doc:howto:wireless.snort-wireless]] – [[wp>Snort (software)|Snort]] for wireless   * [[doc:howto:wireless.snort-wireless]] – [[wp>Snort (software)|Snort]] for wireless
-  * ->[[doc:howto:wireless.hotspot]] if you want to run a wireless hotspot on OpenWrt and read e.g. [[wp>Hotspot (Wi-Fi)]] or [[wp>Captive portal]] for introduction and explanation. (If you find better source of information, drop it right __here__. ;-)) 
 +==== Captive portal software available in the OpenWrt repository ====
-==== Wireless packages ====+| ''[[doc:howto:wireless.hotspot.nocatauth|nocatauth]]'' | Layer 3 |  | 
 +| ::: | NoCatAuth is the original "catch and release" [[wp>captive portal]] implementation. It provides a simple splash screen web page for clients on your network, as well as a variety of authenticated modes. NoCatAuth is written in [[wp>Perl]]. || 
 +| ''[[doc:howto:wireless.hotspot.nocatsplash|nocatsplash]]'' | Layer 3 |  | 
 +| :::  | NoCatSplash is an Open Public Network Gateway Daemon. It performs as a [captive/open/active] portal. When run on a gateway/router on a network, all web requests are redirected until the client either logs in or clicks "I Accept" to an [[wp>Acceptable use policy|AUP]]. The gateway daemon then changes the firewall rules on the gateway to pass traffic for that client (based on IP address and MAC address).\\ NoCatSplash is the C port of NoCatAuth  || 
 +| ''[[doc:howto:wireless.hotspot.nodogsplash|nodogsplash]]'' | Layer 3 |  https://github.com/nodogsplash/nodogsplash | 
 +| ::: | NoDogSplash offers a simple way to open a free hotspot providing restricted access to an internet connection.\\ It is another alternative from NoCat which aims to offer captive portal solutions local to the router/gateway and a simplistic setup, user bandwidth control and basic auth/splash page. Nodogsplash is small, well tested, tailored for OpenWrt by its author and can be set up with only one or two config file changes, in contrast Chilli is more complete but complex to set up. || 
 +| ''[[doc:howto:wireless.hotspot.wifidog|wifidog]]'' | Layer 3 |  http://dev.wifidog.org/ | 
 +| ::: | The Wifidog project is a complete and embeddable captive portal solution for wireless community groups or individuals who wish to open a free Hotspot while still preventing abuse of their Internet connection.\\ Originally forked from NoCatSplash and NoCatAuth,ran at layer3 using iptables as opposed to chillispots layer2 solutions. Wifidog offers a simple package and none uci based configuration file. Users can be managed and controlled through the gateway and hooked into any custom user management. This solution creates a custom central user management system. You can build your own login page and user management system or use their own portal system. || 
 +| ''[[doc:howto:wireless.hotspot.chillispot|chillispot]]'' | Layer 2 |  http://www.chillispot.org/ |  
 +| ::: | ChilliSpot is an open source captive portal or wireless LAN access point controller. It is used for authenticating users of a wireless LAN. It supports web based login which is today's standard for public HotSpots and it supports Wireless Protected Access (WPA) which is the standard of the future. Authentication, authorization and accounting (AAA) is handled by your favorite RADIUS server.\\ Layer 2 solution using a [[wp>RADIUS]] database for the backend user management and tracking. WARNING: This project may be dead. There hasn't really been much work on this project for years. Which leads to the next project. || 
 +| ''[[doc:howto:wireless.hotspot.coova-chilli|coova-chilli]]'' | Layer 2 / Layer 3|  http://www.coova.org/ | 
 +| ::: | CoovaChilli is an open source access controller for wireless LAN access points and is based on ChilliSpot. It is used for authenticating users of a wireless (or wired) LAN. It supports web based login (UAM) which is today's standard for public HotSpots and it supports Wireless Protected Access (WPA) which is the standard of the future. Authentication, authorization and accounting (AAA) is handled by your favorite RADIUS server.\\ Built on top of Chillispot with several improvements and additions. Includes [[wp>WISPr]] support, and much more. Main captive portal solution used in CoovaAP. || 
 +| ''[[doc:howto:wireless.hotspot.pepperspot|pepperspot]]'' | Layer 2 |  http://sourceforge.net/projects/pepperspot/ | 
 +| ::: | PepperSpot is a captive portal or wireless LAN access point controller which support the IPv6 protocol. It supports web based login and it supports Wireless Protected Access (WPA). Authentication is handled by your favorite RADIUS server (over IPv4/IPv6).\\ Another Chillispot fork. Support for IPv6 protocol, Wireless Protected Access (WPA). Also RADIUS server backend. || 
 + 
 + 
 +==== Wireless packages available in the OpenWrt repository ====
This shall be, but is not, an exhaustive list of all packages in the OpenWrt repository regarding wireless stuff to play with. The installation is always the same ''opkg install <package>'', for documentation regarding the configuration and utilization, search for Howtos in this wiki or in the Internet. This shall be, but is not, an exhaustive list of all packages in the OpenWrt repository regarding wireless stuff to play with. The installation is always the same ''opkg install <package>'', for documentation regarding the configuration and utilization, search for Howtos in this wiki or in the Internet.
Line 42: Line 78:
| kmod-wprobe          |    9408 | A module that exports measurement data from wireless driver to user space  | | kmod-wprobe          |    9408 | A module that exports measurement data from wireless driver to user space  |
| mdk3                |  49495 | Tool to exploit wireless vulnerabilities  | | mdk3                |  49495 | Tool to exploit wireless vulnerabilities  |
-| wavemon              |  32209 | wavemon is a ncurses-based monitoring application for wireless network devices. It currently works under Linux with devices that are supported  by the wireless extensions by Jean Tourrilhes (included in Kernel 2.4  and higher), e.g. the Lucent Orinoco cards.   | +| wavemon              |  32209 | wavemon is a ncurses-based monitoring application for wireless network devices. Based on WEXT-API   | 
-| wireless-tools      |  30236 | This package contains a collection of tools for configuring wireless adapters implementing the "Linux Wireless Extensions" |+| wireless-tools      |  30236 | This package contains a collection of tools for configuring wireless adapters implementing WEXT-API |
 +
 +==== Wireless drivers available in the OpenWrt repository ====
 +E.g.:
 +^ Package ^      Dependencies  ^^^^^^^
 +| kmod-ath9k    | ||||||
 +| :::          | kmod-ath9k-common | |||||
 +| :::          | :::              | kmod-ath | ||||
 +| :::          | :::              | :::      | kmod-mac80211 | |||
 +| :::          | :::              | :::      | :::          | kmod-crypto-core  |||
 +| :::          | :::              | :::      | :::          | kmod-crypto-arc 4 | kmod-crypto-core ||
 +| :::          | :::              | :::      | :::          | kmod-crypto-aes  | :::              ||
 +| :::          | :::              | :::      | :::          | kmod-cfg80211    | wireless-tools ||
 +| :::          | :::              | :::      | :::          | :::              | iw      | libnl-tiny |
 +| :::          | :::              | :::      | :::          | :::              | crda    | ::: |
 +^  Overall size = 486.450 Bytes ^^^^^^^
 +| kmod-ath5k    | |||||||
 +| :::          | kmod-ath | |||||
 +| :::          | :::      | kmod-mac80211 | ||||
 +| :::          | :::      | :::          | kmod-crypto-core  ||||
 +| :::          | :::      | :::          | kmod-crypto-arc 4 | kmod-crypto-core |||
 +| :::          | :::      | :::          | kmod-crypto-aes  | :::              |||
 +| :::          | :::      | :::          | kmod-cfg80211    | wireless-tools |||
 +| :::          | :::      | :::          | :::              | iw      | libnl-tiny ||
 +| :::          | :::      | :::          | :::              | crda    | ::: ||
 +^  Overall size = 308.902 Bytes ^^^^^^^
 +| kmod-b43      | ||||||
 +| :::          | kmod-ssb      | |||||
 +| :::          | kmod-bcma    | |||||
 +| :::          | kmod-mac80211 | |||||
 +| :::          | :::          | kmod-crypto-core  |||||
 +| :::          | :::          | kmod-crypto-arc 4 | kmod-crypto-core ||||
 +| :::          | :::          | kmod-crypto-aes  | :::              ||||
 +| :::          | :::          | kmod-cfg80211    | wireless-tools ||||
 +| :::          | :::          | :::              | iw      | libnl-tiny |||
 +| :::          | :::          | :::              | crda    | ::: |||
 +^  Overall size = 561.201 Bytes ^^^^^^^
 +
 +^ Name              ^  Size    ^ Description  ^
 +| kmod-ath9k        |  155.684 | This module adds support for wireless adapters based on Atheros IEEE 802.11n AR5008 and AR9001 family of chipsets.  |
 +| kmod-ath9k-htc    |  113.441 | This module adds support for wireless adapters based on Atheros USB AR9271 and AR7010 family of chipsets.  |
 +| kmod-ath9k-common |  104.136 | Atheros 802.11n wireless devices (common code for ath9k and ath9k_htc)  |
 +| kmod-ath5k        |  82.272 | This module adds support for wireless adapters based on Atheros 5xxx chipset.  |
 +| kmod-ath          |  10.059 | This module contains some common parts needed by Atheros Wireless drivers.  |
 +| kmod-b43          |  210.860 | Kernel module for Broadcom 43xx wireless support (mac80211 stack) |
 +| kmod-mac80211    |  139.372 | Generic IEEE 802.11 Networking Stack (mac80211)              |
 +| kmod-cfg80211    |  93.696 | cfg80211 is the Linux wireless LAN (802.11) configuration API.  |
 +| iw                |  32.100 | cfg80211 interface configuration utility  |
 +| wireless-tools    |  23.153 | Contains ''[[man>iwconfig]]'', ''[[man>iwlist]]'' and ''[[man>iwpriv]]''; tools for configuring wireless adapters implementing the WExt.  |
 +| crda              |    9.627 | The [[http://www.linuxwireless.org/en/developers/Regulatory/CRDA|Central Regulatory Domain Agent]] serves one purpose: tell Linux kernel what to enforce. In essence it is a udev helper for communication between the kernel and userspace. You only need to run this manually for debugging purposes. For manual changing of regulatory domains use iw (''iw reg set'') or wpa-supplicant (feature yet to be added).  |
 +| libnl-tiny        |  13.529 | This package contains a stripped down version of libnl  |
 +
 +
 +| {{:meta:icons:tango:48px-outdated.svg.png?nolink}}  | Due to [[https://dev.openwrt.org/changeset/31954/|r31954]] tweaking the ''regulatory.bin'' to enbale channel 13 and 14 is no longer an option.  |
===== Wireless security ===== ===== Wireless security =====
  * WEP (unsecure, cracked)   * WEP (unsecure, cracked)
-  * WPA (unsecure, cracked+  * WPA (sufficiently secure if strong passwords are used and WPS disabled
-  * WPA2 (unsecure, cracked+  * WPA2 (secure if strong passwords are used and WPS disabled
-  * 802.11X (Secure) Authentication of ldap domain credentials. FIXME Can openwrt do this?  With radius ? +  * 802.11X (secure) Authentication of LDAP domain credentials. FIXME Can openwrt do this?  With radius ?
===== Wireless recipes ===== ===== Wireless recipes =====
Line 57: Line 146:
===== Troubleshooting ====== ===== Troubleshooting ======
  * [[https://forum.openwrt.org/viewtopic.php?id=33875|problem with any kinds of multicast traffic on 802.11 networks]]   * [[https://forum.openwrt.org/viewtopic.php?id=33875|problem with any kinds of multicast traffic on 802.11 networks]]
 +
===== Notes ===== ===== Notes =====
  * [[https://forum.openwrt.org/viewtopic.php?pid=133243#p133243|on AP modes]]   * [[https://forum.openwrt.org/viewtopic.php?pid=133243#p133243|on AP modes]]
 +  * [[https://dev.openwrt.org/changeset/37553|r37553  add authsae open80211s authentication daemon]] [[wp>IEEE 802.11s]]
 +  * [[https://dev.openwrt.org/changeset/37483|r37483 ath9k: add initial tx queueing rework patches]] This forces all packets (even for un-aggregated traffic) through software queues to improve fairness and stability
 +
 +===== OpenWrt Wireless FAQ =====
 +  * ->[[http://wiki.openwrt.org/doc/faq/faq.wireless|OpenWrt Wireless FAQ]]

Back to top

doc/howto/wireless.overview.1353902442.txt.bz2 · Last modified: 2012/11/26 05:00 by uvray313