5. Turn on wifi
● /etc/config/wireless
– uci set wireless.wifi0.disabled=0
– uci commit
– wifi reload
6. Linux Wireless
● https://wireless.wiki.kernel.org/en/users
● https://wireless.wiki.kernel.org/en/developers/documentation/api-list
● configuration management for wireless devices
– Cfg80211: Kernel side
● https://wireless.wiki.kernel.org/en/developers/documentation/cfg80211
– Nl80211: User-space side, Netlink-based user-space protocol
● https://wireless.wiki.kernel.org/en/developers/documentation/nl80211
7. MLME: manages the physical-layer MAC state machine
● MLME stands for Media Access Control (MAC) Sublayer Management Entity
– managed in hardware
● FullMAC: a type of wireless card
– managed in software
● SoftMAC: a type of WNIC
– mac80211: a driver API for SoftMAC wireless cards.
● https://wireless.wiki.kernel.org/en/developers/documentation/mac80211
● Cfg80211: works together with FullMAC drivers and also with mac80211-based drivers.
12. Qualcomm Atheros driver
● device types
– wifiN device
● radio layer or ATH/HAL layer
– athN device.
● protocol, or 802.11 layer
● WLAN driver models
– Direct Attach (DA)
● WLAN driver runs on the host platform
● interfaces with the WLAN hardware through the host bus interface (that is, PCI, PCIe, AHB, and so on)
● AR928x, AR938x, AR939x, AR958x, AR959x, AR934x, AR935x, QCA953x, QCA955x and IPQ4019.
– Offload (OL)
● WLAN driver component runs on the target
● thin interface layer software is added on both the host and target for the host-target communications
● QCA988x, QCA989x, QCA9990 and IPQ4019.
13. iwconfig
● Command on protocol layer
– ifconfig
– iwconfig
● iwconfig athN channel opchannel
– ifconfig athN down before issuing the channel change
– ifconfig athN up after making the channel change
● enc and key
– set and manage WEP keys
● essid
– up to 32 characters in length and can contain spaces (must be quoted when including spaces)
14. iwpriv
● It is recommended to use the radio layer (wifiN) parameters over
the protocol layer (athN) parameters when duplication exists.
● Association/ACL parameters
– addmac
– delmac
– getmac
– iwpriv athN maccmd cmd
● 0 Disable ACL checking
● 1 Only allow association with MAC addresses on the list
● 2 Deny association with any MAC address on the list
● 3 Flush the current ACL list
● 4 Suspend current ACL policies. Re-enable with a 1 or 2 command.
23. test-ap-add-guest.sh
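#!/bin/sh
# Usage: test-ap-add-guest.sh N   (N = numeric guest index)
# Accept one or two digits only: $1 is expanded into the uci batch input
# below and into the address 192.168.1N.1, so anything else is rejected.
case "$1" in
''|*[!0-9]*|???*) echo "usage: $0 N" >&2; exit 1 ;;
esac
NETWORKID="guest$1"
FIREWALLZONE="guestzone$1"
REGIN=$1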
uci batch <<EOF
set network.${NETWORKID}=interface
set network.${NETWORKID}.ifname=${NETWORKID}
set network.${NETWORKID}.proto=static
set network.${NETWORKID}.ipaddr=192.168.1${REGIN}.1
set network.${NETWORKID}.netmask=255.255.255.0
set network.${NETWORKID}.ip6assign='60'
set wireless.@wifi-iface[${REGIN}].device='wifi0'
set wireless.@wifi-iface[${REGIN}].network=${NETWORKID}
set wireless.@wifi-iface[${REGIN}].ssid=${NETWORKID}
set wireless.@wifi-iface[${REGIN}].mode='ap'
set wireless.@wifi-iface[${REGIN}].hidden='0'
set wireless.@wifi-iface[${REGIN}].encryption='psk2'
set wireless.@wifi-iface[${REGIN}].key='12345678'
set dhcp.${NETWORKID}=dhcp
set dhcp.${NETWORKID}.interface=${NETWORKID}
set dhcp.${NETWORKID}.start=100
set dhcp.${NETWORKID}.leasetime=12h
set dhcp.${NETWORKID}.limit=150
set dhcp.${NETWORKID}.dhcpv6=server
set dhcp.${NETWORKID}.ra=server
set firewall.${FIREWALLZONE}=zone
set firewall.${FIREWALLZONE}.name=${FIREWALLZONE}
set firewall.${FIREWALLZONE}.network=${NETWORKID}
set firewall.${FIREWALLZONE}.forward=REJECT
set firewall.${FIREWALLZONE}.output=ACCEPT
set firewall.${FIREWALLZONE}.input=REJECT
set firewall.${FIREWALLZONE}_fwd=forwarding
set firewall.${FIREWALLZONE}_fwd.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_fwd.dest=wan
set firewall.${FIREWALLZONE}_dhcp=rule
set firewall.${FIREWALLZONE}_dhcp.name=${FIREWALLZONE}_DHCP
set firewall.${FIREWALLZONE}_dhcp.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_dhcp.target=ACCEPT
set firewall.${FIREWALLZONE}_dhcp.proto=udp
set firewall.${FIREWALLZONE}_dhcp.dest_port=67-68
set firewall.${FIREWALLZONE}_dns=rule
set firewall.${FIREWALLZONE}_dns.name=${FIREWALLZONE}_DNS
set firewall.${FIREWALLZONE}_dns.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_dns.target=ACCEPT
set firewall.${FIREWALLZONE}_dns.proto='tcp udp'
set firewall.${FIREWALLZONE}_dns.dest_port=53
EOF
uci commit
uci show network.${NETWORKID}
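Added example (not part of the original slides): a POSIX shell audit that reads `uci show` output and flags settings like the short numeric key set by the script above, along with WPA1/TKIP modes and guest zones that accept input. The 16-character minimum, the check on zone names starting with `guest`, and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: read `uci show` output on stdin, print weak guest-AP settings.
# MIN_PSK_LEN (default 16) is an assumed local policy, not an OpenWrt option.
audit_guest_config() {
    awk -v minlen="${MIN_PSK_LEN:-16}" '
    {
        eq = index($0, "="); if (!eq) next
        path = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        q = sprintf("%c", 39); gsub("^" q "|" q "$", "", val)   # strip uci quotes
        n = split(path, p, ".")
        if (n == 2) type[path] = val                       # pkg.section=type
        else if (n == 3) opt[p[1] "." p[2], p[3]] = val    # pkg.section.option=value
    }
    END {
        for (s in type) {
            if (type[s] == "wifi-iface") {
                enc = opt[s, "encryption"]; key = opt[s, "key"]
                if (enc == "" || enc == "none") print s ": open network"
                else if (enc ~ /^wep/) print s ": static WEP"
                else if (enc ~ /tkip/ || enc == "psk" || enc ~ /^psk[+-]/)
                    print s ": WPA1/TKIP allowed"
                if (enc ~ /psk/ && (length(key) < minlen || key ~ /^[0-9]+$/))
                    print s ": weak pre-shared key"
            } else if (type[s] == "zone" && opt[s, "name"] ~ /^guest/) {
                if (opt[s, "input"] == "ACCEPT") print s ": guests reach router services"
                if (opt[s, "forward"] == "ACCEPT") print s ": zone forwards by default"
            }
        }
    }' | LC_ALL=C sort
}
# Constructed sample (not from a device): guest 1 as set above, plus a mixed-mode guest 2.
sample_config() {
    cat <<'EOF'
wireless.@wifi-iface[1]=wifi-iface
wireless.@wifi-iface[1].encryption='psk2'
wireless.@wifi-iface[1].key='12345678'
wireless.@wifi-iface[2]=wifi-iface
wireless.@wifi-iface[2].encryption='psk-mixed'
wireless.@wifi-iface[2].key='constructed-long-passphrase-0001'
firewall.guestzone1=zone
firewall.guestzone1.name='guestzone1'
firewall.guestzone1.input='REJECT'
firewall.guestzone2=zone
firewall.guestzone2.name='guestzone2'
firewall.guestzone2.input='ACCEPT'
EOF
}
sample_config | audit_guest_config
```

On a device the same function can be fed with `{ uci show wireless; uci show firewall; } | audit_guest_config`.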
24. 802.11 standards 1/2
● Lowercase letters add new clauses to 802.11
● Uppercase letters are standalone specifications
● 802.11 1997 first standard
● 802.11a 1999 second PHY standard
● 802.11b 1999 third PHY standard
● 802.11g 2003 PHY
● family (c–f, h, j) are service amendments
– 802.11h make 802.11a compatible with European
– 802.11i improvements to security at link layer
– 802.11j enhancements to 802.11a to conform Japan
25. 802.11 standards 2/2
● 802.11n high throughput 100Mbps
– can use either the 2.4 GHz or the 5 GHz band
– MIMO
● 802.11p for use in automobiles
● 802.11r roaming
● 802.11s mesh networking technology
● 802.11T test and measurement specification
● 802.11u interworking
31. PHY Rate
● 802.11a Up to 54Mbps
● 802.11b 5.5Mbps 11Mbps
● 802.11g Up to 54Mbps
● 802.11n Up to 600Mbps
● 802.11ac Up to 6.9Gbps
32. Why Wireless?
● Advantage
– Mobility
– Roam freely
– Flexibility
● Range up to a few miles
● Reduces the need for construction of old buildings
● Disadvantage
– Unauthorized use
– Traffic injection
– Traffic analysis
33. AP
● access points are bridges between the
wireless world and the wired world.
● The so called hot spot
● Act much like old shared ethernet hubs
34. Type of networks
● IBSS(Independent basic service set)
– Ad hoc BSSs or ad hoc networks
● Infrastructure BSS
– Defined by distance from the AP
● ESS(extended service set)
– All APs in an ESS are given the same SSID
– Highest level abstraction supported by 802.11 network
● Multi-BSS
– Virtual APs
– VLAN
35. Types of Access Points
● For the home: residential gateways
● For the office: enterprise access points
● For the large office: wireless switches
36. residential gateways
● DHCP server
– plug-and-play configuration easier.
● routable IP address / NAT
● WAN interface
– modem, a serial port, or even DSL.
● default internal IP address.
● do not have sophisticated radios.
37. enterprise access points
● several access points working in concert
● Upgradeability
● Security
– AES acceleration in hardware,
– support multiple security standards simultaneously.
● multiple virtual radio networks
● Transmission power
● Multiple SSIDs
38. wireless switches
● load-balance clients between APs
● monitor radio activity centrally
● extend the existing network more easily.
40. Challenges for the MAC
● RF Link Quality
– Positive acknowledgment of data transmissions
– Atomic operations: all or nothing
● 802.11 allows stations to lock out contention
● not interrupted by other stations
– multirate
41. The Hidden Node Problem
● Wireless transceivers are generally half-duplex
● Request to Send (RTS) and Clear to Send
(CTS) signals to clear out an area
44. Wi-Fi Protected Access (WPA)
● WPA version 1 is based on the third draft of
802.11i (from mid-2003)
● WPA version 2 is the final standardized version
of 802.11i from mid-2004.
● designed to bring TKIP to the market more
quickly
● slight modification of a subset of 802.11i
● TKIP is the default cipher, rather than CCMP.
45. 802.11i
● Temporal Key Integrity Protocol (TKIP)
– bolster security to the greatest extent possible on
pre-802.11i hardware
● Counter Mode with CBC-MAC Protocol (CCMP)
46. Robust Security Network (RSN)
● 802.11i Key Hierarchy
– Pairwise key: protect traffic between a station and
the AP it is currently serving
– Group keys: protect broadcast or multicast traffic
from an AP to its associated clients.
47. Security Definition and Analysis
● Integrity
– Has somebody improperly changed the data?
● Secrecy
– Has the data been improperly disclosed?
– relatively easy eavesdropping
– lack of strong user authentication
● Availability
– Can I read my data when I want to?
– Denial of Service (DoS) / lack of frame authentication
48. authentication
● Your credentials, please
● transparent proxy
– custom portal page for authentication purposes.
– cannot be used to derive keys for link-layer security
protocols.
49. encryption
● Only authorized users with the keys to access the data
● data is not tampered with in flight.
● encryption protocols
– Static WEP
– 802.1X-based dynamic WEP
– Temporal Key Integrity Protocol (TKIP)
● TKIP should not be considered a long-term solution.
– Counter Mode CBC-MAC Protocol (CCMP)
– Network-layer encryption
● IPsec, SSL, or SSH.