Changeset d8a7d94 in freewrt

Timestamp:

May 19, 2007, 12:36:16 PM (19 years ago)

Author:

Waldemar Brodkorb <wbx@…>

Branches:

freewrt_1_0, freewrt_2_0

Children:

cf79cd5

Parents:

a9b0a36

Message:

cleanup WLAN examples

git-svn-id: ​svn://www.freewrt.org/branches/freewrt_1_0@2547 afb5a338-a214-0410-bd46-81f09a774fd1

Files:

• docs/handbook/user/cover.tex (modified) (1 diff)
• docs/handbook/user/handbook.tex (modified) (12 diffs)
• target/linux/brcm-2.4/files/etc/network/interfaces (modified) (3 diffs)

docs/handbook/user/cover.tex

@@ -18 +18 @@
 \\
 \rightline{%
-Revision 1.0.1, \svnInfoRevision}
+Revision 1.0.3, \svnInfoRevision}
 \\
 \rightline{%

docs/handbook/user/handbook.tex

@@ -611 +611 @@
 \section{Network Configuration}
 
+<<<<<<< .mine
+The device names for real network interfaces in Linux are named \code{ethx} (\code{x} is
+\code{0--9}). If the device has a switch, the different ports are separated via VLAN
+technology. The vlan interfaces are named \code{ethx.y}.  The network configuration in
+FreeWRT is managed via \app{Busybox}'s \app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip}
+command configures the network interfaces. There is no \app{ifconfig} or \app{route}, you can activate
+it in the ADK menue, if you like. 
+
+=======
 The device names for real network interfaces in Linux are named \code{ethx}
 (\code{x} is \code{0--9}). If the device has a switch, the different ports are
@@ -617 +626 @@
 \app{ifupdown} implementation. \app{Busybox}'s builtin \app{ip} command
 configures the network interfaces. There is no \app{ifconfig} or \app{route}.
+>>>>>>> .r2546
 To show all configured network interfaces use:
 \begin{Verbatim}[label=show IP address]
@@ -636 +646 @@
 \end{Verbatim}
 
+<<<<<<< .mine
+<b>ATTENTION: Be sure you have no whitespaces at the and of any value!</b>
+
+\code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script to
+start this interface automatically on bootup.
+=======
 \code{auto <iface-name>} is optional and, if set, tells the \app{ifup} script
 to start this interface automatically on bootup.
+>>>>>>> .r2546
 
 Each interface needs a unique name which, depending on the method, represents
@@ -758 +775 @@
 Typically this configures the WAN-Port to start a DHCP request on bootup.
 
-\subsection{Bridging}
-
-This is mostly needed to combine LAN and WLAN to a homogeneous network.  Be
-sure you have installed the package \app{bridge-utils}.
-
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-auto eth0.0
-iface eth0.0 inet manual
-    switch-ports 1 2 3 4 5*
-
-auto eth1
-iface eth1 inet manual
-    wireless-bridge-if br0
-    [... other wifi-settings, see below ...]
-
-auto br0
-iface br0 inet static
-    bridge-ifaces eth0.0 eth1
-    address 192.168.1.1
-    netmask 255.255.255.0
-    broadcast +
-\end{Verbatim}
-
-This creates a new bridging interface \code{br0} which combines the VLAN
-interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN
-interface \code{eth1} (on some devices like \term{Asus WL500gP} this might be
-\code{eth2}).  The bridge interface needs always be the last one, otherwise it
-can not find the interfaces in \code{bridge-ifaces}.
-
 \subsection{WLAN}
 A router containing a WLAN interface has an additional ethernet device
@@ -982 +970 @@
 \end{longtable}
 
-\subsubsection{Examples}
-\paragraph{WLAN with WEP128}
+\subsubsection{Examples for wireless configuration}
+
+\paragraph{WLAN with WPA1/WPA2 AES+TKIP}
+
+This combination works with any kind of WPA client implementation.
+
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto eth1
 iface eth1 inet static
         address 192.168.10.1
@@ -993 +986 @@
         wireless-mode ap
         wireless-ssid FreeWRT
-        wireless-security wep
-        wireless-key1 11223344556677889900112233
+        wireless-security wpa-psk
+        wireless-authorization psk psk2
+        wireless-encryption aes+tkip
+        wireless-wpa-key 12345678
         wireless-channel 11
 \end{Verbatim}
 
+If you want to do MAC filtering, add the following to the sample above:
+\begin{Verbatim}[label=\file{/etc/network/interfaces}]
+        wireless-macmode 2
+        wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b
+\end{Verbatim}
+this enables the filter and defines the list to contain addresses that should be allowed.
+
 \paragraph{WLAN without encryption}
+
+If you already use VPN to secure your connection, you can just use an unencrypted setup
+and setup the firewall on your embedded device.
+
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto eth1
 iface eth1 inet static
         address 192.168.10.1
@@ -1012 +1019 @@
 \end{Verbatim}
 
-\paragraph{WLAN with WPA2 (AES)}
+\paragraph{WLAN client with WPA2 (AES)}
+
+This can only be used in routing mode, you can not bridge it with LAN or WAN interfaces.
+
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
-iface eth1 inet static
-        address 192.168.10.1
-        netmask 255.255.255.0
-        broadcast +
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode ap
-        wireless-ssid FreeWRT
-        wireless-security wpa-psk
-        wireless-authorization psk2
-        wireless-encryption aes
-        wireless-wpa-key 12345678
-        wireless-channel 11
-\end{Verbatim}
-
-If you want to do MAC filtering, add the following to the sample above:
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-        wireless-macmode 2
-        wireless-mac 00:01:02:03:04:05 06:07:08:09:0a:0b
-\end{Verbatim}
-this enables the filter and defines the list to contain addresses that should
-be allowed.
-
-To enhance wireless performance, you can enable some flags like Broadcom's
-SpeedBooster. Normally, these flags are not dangerous:
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-        wireless-gmode performance
-        wireless-frameburst 1
-        wireless-afterburner 1
-\end{Verbatim}
-
-\paragraph{WLAN client with WPA2 (AES) (\strong{untested})}
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto eth1
 iface eth1 inet static
         address 192.168.10.1
@@ -1061 +1039 @@
 \end{Verbatim}
 
-\paragraph{WLAN client with WEP128}
-\begin{Verbatim}[label=\file{/etc/network/interfaces}]
-iface eth1 inet dhcp
-        wireless-type broadcom
-        wireless-country DE
-        wireless-mode sta
-        wireless-ssid FreeWRT
-        wireless-security wep
-        wireless-key1 11223344556677889900112233
-\end{Verbatim}
-
 WLAN with WDS nodes, the WDS nodes need to have the same
-SSID, channel and encryption parameters.
+SSID, channel and encryption parameters. The WDS connection is separetely
+secured via WPA1 and AES. WPA2 for WDS connection security is \_not\_ working.
 
 WDS node 1 (MAC of Wireless \code{06:05:04:03:02:01})
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto br0
 iface br0 inet static
         bridge-ifaces eth1
@@ -1086 +1055 @@
         wireless-mode wds
         wireless-ssid FreeWRT-WDS
-        wireless-security none
-        wireless-lazywds 0
+        wireless-security wpa-psk
+        wireless-authorization psk psk2
+        wireless-encryption aes+tkip
+        wireless-wpa-key apkey
+        wireless-lazywds 1
+        wireless-wds-security wpa-psk
+        wireless-wds-encryption aes
+        wireless-wds-wpa-key wdskey
         wireless-wds 01:02:03:04:05:06
         wireless-wds-bridge br0
@@ -1093 +1068 @@
 WDS node 2 (MAC of Wireless \code{01:02:03:04:05:06})
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto br0
 iface br0 inet static
         bridge-ifaces eth1
@@ -1102 +1078 @@
         wireless-mode wds
         wireless-ssid FreeWRT-WDS
-        wireless-security none
-        wireless-lazywds 0
+        wireless-security wpa-psk
+        wireless-authorization psk psk2
+        wireless-encryption aes+tkip
+        wireless-wpa-key apkey
+        wireless-lazywds 1
+        wireless-wds-security wpa-psk
+        wireless-wds-encryption aes
+        wireless-wds-wpa-key wdskey
         wireless-wds 06:05:04:03:02:01
         wireless-wds-bridge br0
 \end{Verbatim}
 
-\paragraph{Peer-to-Peer mode (no encryption, IP must be static)}
+\paragraph{Peer-to-Peer/AdHoc mode (no encryption, IP must be static)}
 \begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto eth1
 iface eth1 inet static
         address 192.168.10.1
@@ -1121 +1104 @@
         wireless-channel 11
 \end{Verbatim}
+
+\subsection{Bridging}
+
+This is mostly needed to combine LAN and WLAN to a homogeneous network.
+Be sure you have installed the package \app{bridge-utils}.
+See the example for a bridging setup, WLAN is secured via WPA/WPA2.
+
+\begin{Verbatim}[label=\file{/etc/network/interfaces}]
+auto eth0.0
+iface eth0.0 inet manual
+        switch-ports 1 2 3 4 5*
+
+auto eth1
+iface eth1 inet manual
+        wireless-type broadcom                                     
+        wireless-country DE                                               
+        wireless-mode ap                                                  
+        wireless-ssid FreeWRT                                             
+        wireless-channel 11                                               
+        wireless-security wpa-psk                                         
+        wireless-authorization psk psk2                                   
+        wireless-encryption aes+tkip                                      
+        wireless-wpa-key MyWlanSecret                
+        wireless-bridge-if br0
+
+auto br0
+iface br0 inet static
+        bridge-ifaces eth0.0 eth1
+        address 192.168.1.1
+        netmask 255.255.255.0
+        broadcast +
+\end{Verbatim}
+
+This creates a new bridging interface \code{br0} which combines the VLAN
+interface \code{eth0.0} (representing the LAN-ports 1--4) and the WLAN interface
+\code{eth1} (on some devices like \term{Asus WL500gP} this might be \code{eth2}).
+The bridge interface needs always be the last one, otherwise it can not find
+the interfaces in \code{bridge-ifaces}.
 
 \subsection{PPP}

target/linux/brcm-2.4/files/etc/network/interfaces

@@ -74 +74 @@
 # button-press
 
-# WLAN with WPA2/WPA1 AES+TKIP
+
+##
+## WLAN with WPA2/WPA1 AES+TKIP (routing mode)
+##
 #auto @FWRT_WLAN@
 #iface @FWRT_WLAN@ inet static
@@ -90 +93 @@
 #       wireless-wpa-key MyWlanSecret
 
-# Bridging WLAN<->LAN
+##
+## Bridging WLAN<->LAN
+##
 #auto @FWRT_LAN@
 #iface @FWRT_LAN@ inet manual
 #       switch-ports @FWRT_LAN_SWITCH@
+#
+#auto @FWRT_WLAN@
+#iface @FWRT_WLAN@ inet manual
+#       wireless-type broadcom
+#       wireless-country DE
+#       wireless-mode ap
+#       wireless-ssid FreeWRT
+#       wireless-channel 11
+#       wireless-security wpa-psk
+#       wireless-authorization psk psk2
+#       wireless-encryption aes+tkip
+#       wireless-wpa-key MyWlanSecret
 #
 # should be always the last configured interface, it depends
@@ -117 +134 @@
 #       wireless-ssid FreeWRT-WDS
 #       wireless-channel 11
-#       wireless-security none
-#       wireless-lazywds 0
+#       wireless-security apa-psk
+#       wireless-authorization psk psk2
+#       wireless-encryption aes+tkip
+#       wireless-wpa-key MyWlanSecret
+#       wireless-lazywds 1
 #       wireless-wds-bridge br0
 #       wireless-wds 00:01:02:03:04:05
+#       wireless-wds-security wpa-psk
+#       wireless-wds-encryption aes
+#       wireless-wds-wpa-key key4wds