OpenWrt wireless
sean
Doc version
● V1 2018-05-18
– Wireless config & tools
● V2 2018-05-24
– 802.11
Wireless config
● UCI
– https://openwrt.org/docs/guide-user/network/wifi/basic
– config 'wifi-device'
● Hwmode: 11b, 11g, and 11a
● Htmode: HT20, HT40-, HT40+, HT40, NONE or VHT20, VHT40, VHT80, VHT160
– config 'wifi-iface'
● Mode: ap, sta, adhoc, wds, monitor, mesh
● Encryption: none, wep, psk, psk2, wep+shared, wep+open, wep+mixed
● WPA Modes??
● WPA Enterprise (Access Point)??
– 80_Y6399_3_IPQ40X8_QSDK_SETUP_AND_USER_GUIDE.pdf
● 6.3 Wireless section
Wireless tools
● 80-Y8052-1_AP 10.4 CLI USER GUIDE.pdf
Turn on wifi
● /etc/config/wireless
– uci set wireless.wifi0.disabled=0
– uci commit
– wifi reload
Linux Wireless
● https://wireless.wiki.kernel.org/en/users
● https://wireless.wiki.kernel.org/en/developers/documentation/api-list
● configuration management for wireless devices
– Cfg80211: Kernel side
● https://wireless.wiki.kernel.org/en/developers/documentation/cfg80211
– Nl80211: User-space side, Netlink-based user-space protocol
● https://wireless.wiki.kernel.org/en/developers/documentation/nl80211
MLME: manages the physical-layer MAC state machine
● MLME Stands for Media Access Control (MAC)
Sublayer Management Entity
– managed in hardware
● FullMAC a type of wireless card
– managed in software
● SoftMAC a type of WNIC
– mac80211 A driver API for SoftMAC wireless cards.
● https://wireless.wiki.kernel.org/en/developers/documentation/mac80211
● Cfg80211: Works together with FullMAC-drivers and
also with mac80211-based drivers.
mac80211
● https://wireless.wiki.kernel.org/en/developers/documentation/mac80211
● https://wireless.wiki.kernel.org/_media/en/developers/documentation/mac80211.pdf
● https://wireless.wiki.kernel.org/en/developers/documentation/mac80211/api
● https://www.kernel.org/doc/html/latest/driver-api/80211/
feeds/wlan_open/mac80211/
● Makefile
– KernelPackage/cfg80211
● Linux wireless LAN (802.11) configuration API
– KernelPackage/mac80211
● Linux 802.11 Wireless Networking Stack
– KernelPackage/ath9k
● QCA 802.11n PCI wireless cards support
– KernelPackage/ath10k
● QCA 802.11ac wireless cards support
– KernelPackage/wil6210
● QCA 802.11ad wireless cards support
modes
● https://wireless.wiki.kernel.org/en/users/documentation/modes
● AccessPoint (AP) infrastructure mode
● Station infrastructure mode
● Monitor mode
● Ad-Hoc (IBSS) mode
● Wireless Distribution System (WDS)
● Mesh
hostapd
● https://wireless.wiki.kernel.org/en/users/documentation/hostapd
Qualcomm Atheros driver
● device types
– wifiN device
● radio layer or ATH/HAL layer
– athN device.
● protocol, or 802.11 layer
● WLAN driver models
– Direct Attach (DA)
● WLAN driver runs on the host platform
● interfaces with the WLAN hardware through the host bus interface (that is, PCI, PCIe, AHB, and so on)
● AR928x, AR938x, AR939x, AR958x, AR959x, AR934x, AR935x, QCA953x, QCA955x and IPQ4019.
– Offload (OL)
● WLAN driver component runs on the target
● thin interface layer
● software is added on both the host and target for the host-target communications
● QCA988x, QCA989x, QCA9990 and IPQ4019.
iwconfig
● Command on protocol layer
– ifconfig
– iwconfig
● iwconfig athN channel opchannel
– ifconfig athN down before issuing the channel change
– ifconfig athN up after making the channel change
● enc and key
– set and manage WEP keys
● Essid
– up to 32 characters in length and can contain spaces (must be quoted when including spaces)
iwpriv
● It is recommended to use the radio layer (wifiN) parameters over
the protocol layer (athN) parameters when duplication exists.
● Association/ACL parameters
– addmac
– delmac
– getmac
– iwpriv athN maccmd cmd
● 0 Disable ACL checking
● 1 Only allow association with MAC addresses on the list
● 2 Deny association with any MAC address on the list
● 3 Flush the current ACL list
● 4 Suspend current ACL policies. Re-enable with a 1 or 2 command.
iwpriv
● Beacon configuration parameters
– countryie
– hide_ssid
● Channel width parameters
– Mode
● Physical layer parameters
– setCountryID
iwlist
● iwlist ath0 scan
● iwlist ath0 channel
Test case
● Change ssid
● Change enc and key
test-ap-change-ssid.sh
SUFFIX="$1" 
uci batch <<EOF
set wireless.@wifi-iface[0].ssid="0penWrt 2G ${SUFFIX}"
set wireless.@wifi-iface[1].ssid="0penWrt 5G ${SUFFIX}"
EOF
uci commit
uci show wireless
./test-ap-change-ssid.sh 0001
./test-ap-change-ssid.sh 0002
./test-ap-change-ssid.sh 0003
./test-ap-change-ssid.sh 0004
test-ap-enc-key.sh
# Arguments: encryption mode, pre-shared key (quoted so a key with spaces survives)
ENC="$1"; KEY="$2"
uci batch <<EOF
set wireless.@wifi-iface[0].encryption='${ENC}'
set wireless.@wifi-iface[0].key='${KEY}'
set wireless.@wifi-iface[1].encryption='${ENC}'
set wireless.@wifi-iface[1].key='${KEY}'
EOF
uci commit
uci show wireless
./test-ap-enc-key.sh psk2 11111111
./test-ap-enc-key.sh psk 11111111
./test-ap-enc-key.sh psk2-mixed 11111111
./test-ap-enc-key.sh psk-mixed 11111111
encryption
● psk-mixed, psk-mixed+aes, psk-mixed+ccmp, psk-mixed+tkip, psk-mixed+tkip+aes, psk-mixed+tkip+ccmp
● psk2, psk2+ccmp, psk2+aes, psk, psk+ccmp, psk+aes, psk2+tkip+ccmp, psk2+tkip+aes, psk+tkip+ccmp, psk+tkip+aes
● psk2+tkip, psk+tkip
● In the IEEE 802.11i specification, CCMP is the default mode
● TKIP was deprecated by the IEEE in January 2009
● These settings are invalid: psk2+ccmp-256, psk2+gcmp, psk2+gcmp-256, wapi-psk
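An added example (not part of the original slides): a POSIX sh audit that reads `uci show wireless` output and grades each wifi-iface encryption value against the lists on this slide. The function names, verdict names (ok, legacy, weak, invalid, unknown) and the sample config are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the original deck.

# Map one UCI encryption value to a verdict, following the slide.
classify_enc() {
    case "$1" in
        psk2+ccmp-256|psk2+gcmp|psk2+gcmp-256|wapi-psk)
            echo invalid ;;   # slide: these settings are invalid
        none|wep|wep+*)
            echo weak ;;      # open network or WEP
        *tkip*|*mixed*)
            echo legacy ;;    # TKIP enabled and/or WPA version 1 allowed
        psk|psk+ccmp|psk+aes)
            echo legacy ;;    # WPA version 1 only
        psk2|psk2+ccmp|psk2+aes)
            echo ok ;;        # WPA2 with CCMP
        *)
            echo unknown ;;   # value not covered by the slide
    esac
}

# Read `uci show wireless` output on stdin and print one line per
# encryption option: "<section> <value> <verdict>".
audit_wireless() {
    while IFS= read -r line; do
        key=${line%%=*}       # text before the first '='
        # Match on the option name only, so an SSID or key that merely
        # contains ".encryption=" is never mistaken for the option.
        case "$key" in
            wireless.*.encryption) ;;
            *) continue ;;
        esac
        section=${key%.encryption}
        value=${line#*=}
        # Newer uci versions print values in single quotes; strip them.
        value=${value#\'}
        value=${value%\'}
        echo "$section $value $(classify_enc "$value")"
    done
}

# Count the audited interfaces (stdin) whose verdict is not "ok".
count_findings() {
    audit_wireless | grep -vc ' ok$' || true
}

# Constructed sample input in the format printed by `uci show wireless`.
sample_config() {
    cat <<'EOF'
wireless.wifi0=wifi-device
wireless.wifi0.disabled='0'
wireless.@wifi-iface[0]=wifi-iface
wireless.@wifi-iface[0].ssid='OpenWrt 2G 0001'
wireless.@wifi-iface[0].encryption='psk2'
wireless.@wifi-iface[0].key='11111111'
wireless.@wifi-iface[1]=wifi-iface
wireless.@wifi-iface[1].encryption='psk-mixed+tkip'
wireless.@wifi-iface[2]=wifi-iface
wireless.@wifi-iface[2].encryption='none'
wireless.@wifi-iface[3]=wifi-iface
wireless.@wifi-iface[3].encryption='psk2+gcmp'
EOF
}

sample_config | audit_wireless
```

On a device, pipe the live configuration in instead of the sample: `uci show wireless | audit_wireless`.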
test-ap-hide-ssid.sh
HIDE="$1" 
uci batch <<EOF
set wireless.@wifi-iface[0].hidden=${HIDE}
set wireless.@wifi-iface[1].hidden=${HIDE}
EOF
uci commit
uci show wireless
./test-ap-hide-ssid.sh 0
./test-ap-hide-ssid.sh 1
test-network-reload.sh
● wifi reload
● /etc/init.d/network reload
test-ap-add-guest.sh
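# Argument: index N; assumes wifi-iface section N already exists.
# Creates network guestN, its DHCP pool and firewall zone guestzoneN.
NETWORKID="guest$1"; FIREWALLZONE="guestzone$1"; REGIN="$1"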
uci batch <<EOF
set network.${NETWORKID}=interface
set network.${NETWORKID}.ifname=${NETWORKID}
set network.${NETWORKID}.proto=static
set network.${NETWORKID}.ipaddr=192.168.1${REGIN}.1
set network.${NETWORKID}.netmask=255.255.255.0
set network.${NETWORKID}.ip6assign='60'
set wireless.@wifi-iface[${REGIN}].device='wifi0'
set wireless.@wifi-iface[${REGIN}].network=${NETWORKID}
set wireless.@wifi-iface[${REGIN}].ssid=${NETWORKID}
set wireless.@wifi-iface[${REGIN}].mode='ap'
set wireless.@wifi-iface[${REGIN}].hidden='0'
set wireless.@wifi-iface[${REGIN}].encryption='psk2'
set wireless.@wifi-iface[${REGIN}].key='12345678'
set dhcp.${NETWORKID}=dhcp
set dhcp.${NETWORKID}.interface=${NETWORKID}
set dhcp.${NETWORKID}.start=100
set dhcp.${NETWORKID}.leasetime=12h
set dhcp.${NETWORKID}.limit=150
set dhcp.${NETWORKID}.dhcpv6=server
set dhcp.${NETWORKID}.ra=server
set firewall.${FIREWALLZONE}=zone
set firewall.${FIREWALLZONE}.name=${FIREWALLZONE}
set firewall.${FIREWALLZONE}.network=${NETWORKID}
set firewall.${FIREWALLZONE}.forward=REJECT
set firewall.${FIREWALLZONE}.output=ACCEPT
set firewall.${FIREWALLZONE}.input=REJECT
set firewall.${FIREWALLZONE}_fwd=forwarding
set firewall.${FIREWALLZONE}_fwd.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_fwd.dest=wan
set firewall.${FIREWALLZONE}_dhcp=rule
set firewall.${FIREWALLZONE}_dhcp.name=${FIREWALLZONE}_DHCP
set firewall.${FIREWALLZONE}_dhcp.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_dhcp.target=ACCEPT
set firewall.${FIREWALLZONE}_dhcp.proto=udp
set firewall.${FIREWALLZONE}_dhcp.dest_port=67-68
set firewall.${FIREWALLZONE}_dns=rule
set firewall.${FIREWALLZONE}_dns.name=${FIREWALLZONE}_DNS
set firewall.${FIREWALLZONE}_dns.src=${FIREWALLZONE}
set firewall.${FIREWALLZONE}_dns.target=ACCEPT
set firewall.${FIREWALLZONE}_dns.proto='tcp udp'
set firewall.${FIREWALLZONE}_dns.dest_port=53
EOF
uci commit
uci show network.${NETWORKID}
802.11 standards 1/2
● Lowercase add new clause to 802.11
● Uppercase standalone specifications
● 802.11 1997 first standard
● 802.11a 1999 second PHY standard
● 802.11b 1999 third PHY standard
● 802.11g 2003 PHY
● family (c–f, h, j) are service amendments
– 802.11h makes 802.11a compatible with European regulations
– 802.11i improvements to security at link layer
– 802.11j enhancements to 802.11a to conform to Japanese regulations
802.11 standards 2/2
● 802.11n high throughput 100Mbps
– can use either the 2.4 GHz or the 5 GHz band
– MIMO
● 802.11p for use in automobiles
● 802.11r roaming
● 802.11s mesh networking technology
● 802.11T test and measurement specification
● 802.11u interworking
802.11 network PHY standards
● https://en.wikipedia.org/wiki/IEEE_802.11
Radio Spectrum
● The Key Resource
● FCC (Federal Communications Commission) / US
● ERO(European Radiocommunications Office)
● ITU(International Telecommunications Union)
ISM Bands
● ISM(Industrial Scientific Medical) Free License
● https://baike.baidu.com/item/ISM%E9%A2%91%E6%AE%B5/2114556
● 802.11b and 802.11g 2.4GHz
● 802.11a 5GHz
● 802.11ac 5GHz
● 802.11n either 2.4 GHz or 5 GHz band
Channels
● https://en.wikipedia.org/wiki/List_of_WLAN_channels
● 2.4 GHz band is divided into 14 channels spaced 5 MHz apart, beginning with channel 1, which is centered on 2.412 GHz
PHY Rate
● 802.11a Up to 54Mbps
● 802.11b 5.5Mbps 11Mbps
● 802.11g Up to 54Mbps
● 802.11n Up to 600Mbps
● 802.11ac Up to 6.9Gbps
Why Wireless?
● Advantage
– *Mobility
– Roam freely
– Flexibility
● Range up to a few miles
● Reduces the need for construction of old buildings
● Disadvantage
– Unauthorized use
– Traffic injection
– Traffic analysis
AP
● access points are bridges between the
wireless world and the wired world.
● The so called hot spot
● Act much like old shared ethernet hubs
Type of networks
● IBSS(Independent basic service set)
– Ad hoc BSSs or ad hoc networks
● Infrastructure BSS
– Defined by distance from the AP
● ESS(extended service set)
– All APs in an ESS are given the same SSID
– Highest level abstraction supported by 802.11 network
● Multi-BSS
– Virtual APs
– VLAN
Types of Access Points
● For the home: residential gateways
● For the office: enterprise access points
● For the large office: wireless switches
residential gateways
● DHCP server
– plug-and-play configuration easier.
● routable IP address / NAT
● WAN interface
– modem, a serial port, or even DSL.
● default internal IP address.
● do not have sophisticated radios.
enterprise access points
● several access points working in concert
● Upgradeability
● Security
– AES acceleration in hardware,
– support multiple security standards simultaneously.
● multiple virtual radio networks
● Transmission power
● Multiple SSIDs
wireless switches
● load-balance clients between APs
● monitor radio activity centrally
● extend the existing network more easily.
Topology Examples
● The Monolithic Single-Subnet Network
● "E.T. Phone Home" or "Island Paradise"
● Dynamic VLAN Assignment
● Virtual Access Points
Challenges for the MAC
● RF Link Quality
– Positive acknowledgment of data transmissions
– Atomic operations: all or nothing
● 802.11 allows stations to lock out contention
● not interrupted by other stations
– multirate
The Hidden Node Problem
● Wireless transceivers are generally half-duplex
● Request to Send (RTS) and Clear to Send
(CTS) signals to clear out an area
Frame Body
● higher-layer payload
● maximum payload of 2,304 bytes
cipher
● stream cipher
– WEP
– TKIP
● block cipher
– Advanced Encryption Standard (AES)
– CCMP
Wi-Fi Protected Access (WPA)
● WPA version 1 is based on the third draft of
802.11i (from mid-2003)
● WPA version 2 is the final standardized version
of 802.11i from mid-2004.
● designed to bring TKIP to the market more
quickly
● slight modification of a subset of 802.11i
● TKIP is the default cipher, rather than CCMP.
802.11i
● Temporal Key Integrity Protocol (TKIP)
– bolster security to the greatest extent possible on
pre-802.11i hardware
● Counter Mode with CBC-MAC Protocol (CCMP)
Robust Security Network (RSN)
● 802.11i Key Hierarchy
– Pairwise key: protect traffic between a station and
the AP it is currently serving
– Group keys: protect broadcast or multicast traffic
from an AP to its associated clients.
Security Definition and Analysis
● Integrity
– Has somebody improperly changed the data?
● Secrecy
– Has the data been improperly disclosed?
– relatively easy eavesdropping
– lack of strong user authentication
● Availability
– Can I read my data when I want to?
– Denial of Service (DoS) / lack of frame authentication
authentication
● Your credentials, please
● transparent proxy
– custom portal page for authentication purposes.
– cannot be used to derive keys for link-layer security
protocols.
encryption
● Only authorized users with the keys to access the data
● data is not tampered with inflight.
● encryption protocols
– Static WEP
– 802.1X-based dynamic WEP
– Temporal Key Integrity Protocol (TKIP)
● TKIP should not be considered a long-term solution.
– Counter Mode CBC-MAC Protocol (CCMP)
– Network-layer encryption
● IPsec, SSL, or SSH.
rogue access points
● Secrecy and integrity of the whole network
Network integrity
● traffic injection
● WPA
– allow each frame to be authenticated
Access Control
● Station authentication
● Association
● Link layer
● Network- or transport-layer
authentication protocols
● WEP shared key authentication
● MAC address filtering
● WPA preshared key (WPA-PSK or WPA Personal)
● 802.1X-based protocols
– extended authentication methods that run over EAP.
– WPA Enterprise.
● Network-layer authentication
– VPN
