Items of Interest
Wireless 802.11b on Linux, Part 2

In my first article, I discussed potential obstacles of adoption, driver availability, what cards I bought and that work for me, and some pretty pictures of each card. In this article, I intend to get down to it and discuss compilation and configuration of two Prism2 drivers for Linux. Namely, linux-wlan-ng and Prism2 Host AP. I also intend to discuss usage of the Linux Wireless Extension tools, as they're necessary to configure the latter driver (and drivers for other cards) and, briefly, enabling Ethernet Bridging between the HostAP interface and some other Ethernet interface.

Things You'll Need Before Starting

Before you start, you'll need to download (and possibly compile) a few things and verify some other things:

  • Linux Kernel v2.4.18 source (or >= v2.4.6)
  • Linux-wlan-ng driver v0.1.14-pre6 (or >= 0.1.13)
  • Host Based AP driver v2002-05-19 (or latest CVS, which corrects many bugs in the 05-19 release)
  • Linux Wireless Extensions Tools v24 (or apt-get install wireless-tools under Debian GNU/Linux)
  • Linux Ethernet Bridging Tools (or apt-get install bridge-utils under Debian GNU/Linux)
  • Access to a Windows box so you can flash your card firmware -- it's recommended your firmware be at least version 0.8.3 for things to work in all possible modes. There's no safe way to flash your card under Linux presently. ( v1.4.9 firmware for install with Windows 9x/2K/XP LinkSys Flash or Generic Intersil HEX files which you'll need to load into something to do the flashing -- The IDs in the PDF correspond to your WLAN card's ID as listed by HostAP in dmesg log e.g. mine is id=0x8013.)
  • iptables already setup with DNAT, SNAT, or whatever else you need -- A discussion of how to setup iptables for a wired (or wireless) connection is completely beyond the scope of this document.
Note that while I plan on discussing both linux-wlan-ng and host based AP, you may only be interested in one of the two. You can have both installed concurrently and only load the module pertaining to the one you wish to use at any one time, however, so coexistence won't cause any problems.

A Reminder...

Once your driver is installed and your wireless interface is up, aside from some wireless specific parameters you can set, it's essentially a regular network interface like anything else (e.g. ppp0 or eth1). You can give it an IP address with ifconfig, setup a default gateway, and do the other usual things. (Of course, you have to remember unlike a wired network it's 100 times easier to break into an unsecured wireless network. But that's a topic for another article.)

Also, I am setting up each driver below with my PCI based LinkSys WMP11 card. As such, I don't need pcmcia-cs installed nor do I have any knowledge about it. If your card is a PC Card or a PCI card with a PLX chipset, then your setup will be somewhat different. Refer to each driver's README and INSTALL files for specific details.

Since I originally wrote this in June of 2002, LinkSys has moved at least its PCI line of 802.11b WiFi cards to a BroadCom chipset which is not compatible with HostAP. You can see what the new card looks like here and the BroadCom chipset on the board here. (Thanks to jacques on irc.freenode.net #hostap for these pics!)

Recompile Your Kernel

(You can skip this if you don't care about the Prism2 Host AP driver or bridging your wireless and wired networks, but it can't hurt to compile these as modules if you change your mind later.)

When you build your new kernel, make sure you enable:

Using linux-wlan-ng

Dump the source in your favorite directory, then untar it. The README recommends running a make clean before doing anything else. Check the README so you have some familarity with the driver. Now, run a make config and answer the dozen or so questions. I answered yes to the native PCI card question, no to the questions about other kinds of cards, and left the defaults for everything else alone. When you're done, run make all to compile the driver. It should only take a moment. Then, make install it.

Now the fun begins. You'll be editing (for native PCI) /etc/wlan.conf and /etc/init.d/wlan. The init.d script isn't linked to any run levels by default, but I found it to be a solid script and I'd recommend that you use it if you plan on extended usage of this driver.

Open /etc/wlan.conf in your favorite editor and notice there are really two key sections. One describes your WEP keys and setup. (I couldn't get it working initially.) This will be discussed in my third article, so ignore it for now and leave it disabled. (dot11PrivacyInvoked=false) The second key section is configuration of the card's mode. You can presently choose Ad-Hoc or Station. Station mode will allow you to tune into an access point somewhere; essentially this is infastructure mode. Ad-Hoc mode requires that you configure things like channel and SSID.

Also, the first entry in the file will describe your wireless interface. 

WLAN_DEVICES="wlan0"

The convention is to set it to wlanX where X is some integer, starting with zero, just like with ethX and pppX.

For testing purposes, since I don't have an access point (later with the Prism2 Host AP driver the PCI card becomes my access point.), I tested everything using Ad-Hoc mode (IS_ADHOC=y). 

        #=======ADHOC STATION START=========
        SSID="vortex"
        BCNINT=100
        CHANNEL=6
        BASICRATES="2 4"
        OPRATES="2 4 11 22"

I only set the CHANNEL and SSID above. I left everything else alone.

Next, you'll need to edit your /etc/modules.conf (or /etc/modutils/aliases on Debian GNU/Linux and then run update-modules) file and add the following: 

alias wlan0 prism2_pci

Depending on your card, you might need to change the aliased driver to prism2_usb or prism2_plx. PC Card users will need to play with the pcmcia-cs options instead and thus need not modify /etc/modules.conf.

Now, try running /etc/init.d/wlan start and see what you get. If all went well, you should have a new wlan0 interface available. It doesn't have an IP yet, so it won't show up in a regular ifconfig. So, run ifconfig wlan0 and you ought to get something like: 

rebecca:/etc# ifconfig wlan0
wlan0     Link encap:Ethernet
          HWaddr 00:06:25:A7:BB:DA
          BROADCAST MULTICAST  MTU:1500  Metric:1
          Interrupt:12 Memory:c2822000-c2823000

If you see something like the above, the driver found your card and initialized it. You might also check your syslog for entries like: 

init_module: prism2_pci.o: 0.1.14-pre6 Loaded
init_module: dev_info is: prism2_pci
PCI: Found IRQ 12 for device 00:0b.0
A Prism2.5 PCI device found, phymem:0xe7800000,
    irq:12, mem:0xc2822000
ident: nic h/w: id=0x8013 1.0.0
ident: pri f/w: id=0x15 1.0.7
ident: sta f/w: id=0x1f 1.3.5

If you have the above, you're golden. For testing purposes, I'll assume you already have another wireless card setup somewhere that you can use to test the functionality of this card against. So, with that in mind, do an ifconfig wlan0 192.168.1.1 and then on the machine with the working wireless card, try to ping 192.168.1.1. Hopefully, you'll be successful. If not, make sure the test machine has a matching SSID and CHANNEL, or things won't work.

If you do have an access point, you can instead choose to enable infrastructure mode in the configuration file. 

        #===INFRASTRUCTURE STATION START===
        # SSID is all we have for now
        # opensystem | sharedkey (requires WEP)
        AuthType="opensystem"
        # Use DesiredSSID="" to associate with
        # any AP in range
        DesiredSSID="vortex"

You can choose the SSID of a station you want to associate with, or leave it blank to hook up to any station within range. Since we initially ignored WEP setup, you'll need to use opensystem as your authentication type for now.

Assuming you didn't encounter any difficulties, you now have a working wireless connection. On my box, everything's default route is through eth0, my Internet connection, so with proper DNS setup on my test box and iptables DNAT (masquerading) enabled, I can surf the Web already. However, your current wireless setup is completely insecure.

Using Prism2 Host AP driver

I'd say this is one of the cooler things you can do with a Prism2 chipset based wireless card. To quote the author of the Host Based AP driver, Jouni Malinen:

"Intersil's station firmware for Prism2/2.5 chipset supports a so called Host AP mode in which the firmware takes care of time critical tasks like beacon sending and frame acknowledging, but leaves other management tasks to host computer driver."

(Also, it looks like you'll soon be able to use HostAP with 802.1X EAP/TLS authentication, though it currently requires a little hacking.)

(09-02-2002 With a pending upcoming release of HostAP out of the latest CVS, information here is likely to become a bit dated. HostAP is now composed of several modules, and a userspace authentication daemon.)

Once again, I will walk through installation of a PCI based Prism2 card. Setup for a PC Card will differ. Installation for a PLX based card should be identical for this driver.

First, dump the Prism2-*.tar.gz file in your favorite source directory and untar it. Next, edit the Makefile: 

# Edit this path to match with your system
# (it should point to the root
# directory of the Linux kernel source)
KERNEL_PATH=/usr/src/linux

Ensure that the KERNEL_PATH variable points to your kernel source tree.

Now, run make pci followed by (as root) make install_pci.

Lastly, you'll need to edit your /etc/modules.conf (or /etc/modutils/aliases on Debian GNU/Linux and then run update-modules) file and add the following: 

alias wlan0 hostap_pci

Depending on your card, you might need to change the aliased driver to hostap_plx. PC Card users will need to play with the pcmcia-cs options instead and thus need not modify /etc/modules.conf.

The driver should produce output similar to this, when it's loaded, in your syslog: 

hostap_pci: (c) SSH Communications Security Corp 
PCI: Found IRQ 12 for device 00:0b.0
hostap_pci: Registered netdevice wlan0
prism2_hw_init()
prism2_hw_config: initialized in 16432 iterations
wlan0: NIC: id=0x8013 v1.0.0
wlan0: PRI: id=0x15 v1.0.7
wlan0: STA: id=0x1f v1.3.5
wlan0: Intersil Prism2.5 PCI: mem=0xe7800000, irq=12

The latest official release, v2002-05-19, is known to crash, at least on the WMP11 Prism2.5 PCI card, as I indicate on my post to the mailing list. As of this writing, the archives haven't been updated to include the eventual response, but everyone else who has experienced this issue upgraded to the latest CVS and the problem was resolved. With that in mind, if you experience any crashes similar to what I describe in my mailing list post, I recommend you fetch the latest CVS sources. The latest CVS also fixes the rate in AP mode being erroneously reported as 2Mbit when it's higher or lower and ought to include some more SMP fixes.

Using the Linux Wireless Extensions

If you're using the linux-wlan-ng drivers, this section doesn't apply, as linux-wlan-ng has its own non standard tool set. (At least with 0.1.14-pre6, the wireless tools report this driver doesn't support the wireless extensions.)

What you can do with the wireless tools depends in part on how much of the interface the driver supports. The Host AP driver doesn't support all possible options, but it does support all the ones you need to get the card up and running.

The most important tool is iwconfig and its similarity with ifconfig is telling of its purpose. You'll use iwconfig to set your card's mode, channel, and essid. You'll still need to set an IP address for you card using the traditional ifconfig, though.

To get your card up and running, you'll issue these commands: 

ifconfig wlan0 192.168.0.1
iwconfig wlan0 essid myessid
iwconfig wlan0 channel 4
iwconfig wlan0 mode Master

iwconfig wlan0
wlan0     IEEE 802.11-DS  ESSID:"myessid"
          Mode:Master  Frequency:2.427GHz
          Access Point: 00:06:25:A7:BB:DA
          Bit Rate:2Mb/s   Tx-Power:-11 dBm
          Sensitivity=1/3
          Retry min limit:8   RTS thr:off
          Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0  Signal level:0
          Noise level:0
          Rx invalid nwid:0  Rx invalid crypt:0
          Rx invalid frag:0
          Tx excessive retries:47
          Invalid misc:32510
          Missed beacon:0

One thing to notice is that the Bit Rate is inaccurately reported in Host mode, as indicated in this thread on the Host AP mailing list. I also had some fun playing with the txpower (transmission power) setting and the interface went down. I strongly recommend you only mess with those settings for which you have an understanding of. The defaults have been fine for me thus far.

Enabling Ethernet Bridging

You can use the Linux kernel's 802.1d Ethernet Bridging option to perform the functions of a hardware bridge using your Linux box and any interfaces that are currently configured on it. Bridging your HostAP wlan0 interface with your internal wired network, say eth0, will provide you with the same benefits (and pitfalls) as using a store bought Wireless Access Point. Devices on both interfaces will share the same subnet. You'll need the Linux Ethernet Bridging Utilities linked above.

You'll need to remove any existing IP addresses to your chosen interfaces, first: 

ifconfig wlan0 0.0.0.0
ifconfig eth0 0.0.0.0

Then, you'll need to enable bridging, with the brctl utility, by adding a bridged interface, br0, assigning physical interfaces wlan0 and eth0 to it, and finally using ifconfig to assign the new virtual bridged interface an IP address: 

brctl addbr br0
brctl addif br0 eth0
brctl addif br0 wlan0
ifconfig br0 192.168.1.1 up

Now, if you're on Debian then you're in luck, as you can easily edit /etc/network/interfaces to load your bridged interfaces on start up! You'll want to read bridge-utils/README.Debian.gz for full details, but here's my basic configuration that I've used: 

auto br0
iface br0 inet static
       address 192.168.1.1
       network 192.168.1.0
       netmask 255.255.255.0
       broadcast 192.168.1.255
       bridge_ports wlan0 eth2
       up \
       /sbin/iwconfig wlan0 essid trekweb && \
       /sbin/iwconfig wlan0 channel 4 && \
       /sbin/iwconfig wlan0 mode Master

Now your Wired and Wireless network are bridged, as one.

Links and Useful Resources

Copyright and Revision Information

06-15-02 - Initial Draft
06-22-02 - Additional Sections
06-23-02 - Links, Firmware notice
07-16-02 - Added notice; work around for possible crash in HostAP 2-2002-05-19
07-17-02 - Added link to prism2 chipset card list
08-15-02 - (Re)Added section on Ethernet Bridging

This document is copyright (c) Jason Boxman, 2002. All rights reserved.