Wireless

Wireless mainly uses the same mechanism as Ethernet, so check also the Ethernet chapter in this book. For Gentoo Linux set the wifi use flag.

Device drivers

Linux is full of options, so there are primary two options to have a device driver for the wireless card:

  1. Using Linux device drivers (delivered with or without the kernel source)

  2. Using Microsoft device drivers and the ndiswrapper

Many drivers have to download a firmware or ucode first into the Wlan interface to work. Therefore check dmesg if you have some error about a missing firmware. To have such a firmware or ucode available you have to emerge a special ebuild as:

emerge linux-firmware

emerge iwl5000-ucode

emerge rt73-firmware

Last but not least make sure your Wlan switch is on.

Please note that udev comes in place and assigns a device to a /dev name in a persistent manner. This could cause problems when testing different drivers and configurations. When you have a empty /etc/conf.d/net file but still drivers are loaded or you observe other strange behavior, then check /etc/udev/rules.d/70-persistent-net.rules /etc/udev/rules.d/70-persistent-net.rules and delete there the configurations that you do not want anymore. Also run update-modules to re-do the module dependency files. Also check dmesg to see if some conflicts and errors occur. Once the device drivers are loaded iwconfig should show wlan0 additional to eth0.

Ndiswrapper

The ndiswrapper makes use of the Microsoft device driver. mdiswrapper can be be started using /etc/modules.autoload.d. It requires the two Microsoft device driver files *.inf and *.sys . The command ndiswrapper -i<Path to Microsoft drivers>.< Driver name>.inf tells the ndiswrapper where the files are.

Linux driver for the WUSB54GC USB Adapter

This USB Wlan interface from Linksys WUSB54GC is probably more tricky to install, but having USB allows to be plugged into almost every hardware.

and is now included in the newer kernels 2.6.25, so there is no need anymore to emerge it separately.

As an alternative there are also driver packages from ralinktech, the manufacturer of the chip set.

Note: WUSB54GC has there the name: RT2501USB.

When the USB adapter is plugged in then a firmware has to be downloaded to the WLAN USB device first. The name of the file is rt73.bin and has to be be put into /lib/firmware. This can be done manually or by unmasking and emerge rt73-firmware. Verify that dmesg will not show the firmware error.

Create kernel where IEEE802.11 support is selected and then select also rt2x00. Select in the kernel rt73usb. Load the kernel module:

modprobe rt73usb

and/or add

rt73usb

to /etc/modules.autoload.d/kernel-2.6

to have it loaded automatically during next boot.

usbview shows the card (a useful /dev/file can not be seen, neither for eth0, udevadm monitor --env sees the card when plugged in/out.). Check to see if it got accepted by the system.

Figure 8.1. USB

Wlan


Atheros wireless PCI Express Adapter

This driver comes with the kernel source. Build a kernel with it preferably as module. Load the module ath5k by putting it into /etc/modules.autoload.d/kernel-2.6 or do a modprobe ath5k.

Madwifi has been developed by the same people as ath5k and will be replaced one day with ath5k. Set therefore the madwifi useflag.

Since ath5k comes with the kernel source, there is no need to emerge madwifi-ng to get the driver. However emerge madwifi-ng-tools to get the associated tools.

There might be a conflict between the kernel module ath5k and the madwifi module ath_pci when both are loaded together.

Wireless implementation under Linux

The following security methods exist:

  1. WEP (Wired Equivalent Privacy) requiring a 64 or 128bit key

  2. WPA (WiFi Protected Access) offering TKIP or the symmetric AES Encryption. Additionally there is the option PSK" (Pre-Shared Key 2)

There are two ways:

  1. iwconfig that supports many devices, is easy to install supports WEP, but does not support WPA. iwconfig is part of wireless-tools

  2. wpa_supplicant does not support many devices, but supports ndiswrapper and therefore it supports everything that has a Microsoft driver. It has its own configuration file /etc/wpa_supplicant/wpa_supplicant.conf

WPA (Wi-Fi Protected Access) should be the favorite since it is more safe and therefore more used than WEP. WEP can be cracked using instructions found on the WEB as: https://www.smallnetbuilder.com/wireless/wireless-howto/24242-howtocrackweppt2?start=1

Wireless-tools

Do a emerge wireless-tools to get iwconfig that is similar to ifconfig or ip and shows you the stuff about Wlan. Wireless tools lets you try out WEP that is not very save, but easy to try out a connection.

Make sure you have loaded the kernel module for your hardware. When not included in the kernel lsmod should show it. If it is not there, modprobe ath5k to load an Atheros wireless PCI Express Adapter or modprobe rt73usb for the Linksys WUSB54GC. Since the first tests are done manually /etc/conf.d/net should contain nothing about wlan.

Type iwconfig to see your interfaces and its names, ifconfig will not show anything.

However just in case do a: ifconfig wlan0 down

Set to managed mode this means somewhere is an access point and you are a client. If not already set to managed: iwconfig wlan0 mode managed

You have to give your network a name, the ESSID this has to be the same name on all devices that want to communicate with each other (your wireless router and your PC):

iwconfig wlan0 essid <my net>

Verify that your interface and the AP use the same channel, if not do:

iwconfig wlan0 channel 11

And if you have set WEP with a static key in our AP, let your PC know about it:

iwconfig wlan0 key e7dddcee7d

Bring up the client interface: ifconfig wlan0 up. After a few seconds iwconfig should also have the Access Point field with a number, so it is associated.

You might use iwlist wlan0 scan to see the ESSID of your AP (Access Point). (Encryption key currently turned off during these tests):

iwlist wlan0 scan

wlan0 Scan completed :

Cell 01 - Address: 00:AF:C5:DD:85:32

ESSID:"ZyXEL"

Mode:Master

Channel:1

Frequency:2.412 GHz (Channel 1)

Quality=54/100 Signal level=-34 dBm

Encryption key:off

Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 22 Mb/s

6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s

36 Mb/s; 48 Mb/s; 54 Mb/s

Extra:tsf=000000001ff9d46e

Give yourself an IP address ifconfig wlan0 up 192.168.1.7

And now you should be able to do a ping -c 3 192.168.1.1 assuming this is the address of your AP.

To see what is set use iwlist. Example to see the keys: iwlist wlan0 keys

To have the interface automatically up, follow the Gentoo handbook and use wlan0 instead of eth0. I did not use the /etc/conf.d/wireless file at all (it seems not a good idea to create this file from /etc/conf.d/wireless.example) I just used /etc/conf.d/net and followed the Gentoo handbook.

Set replace in the following <essid> with your essid and add it to /etc/conf.d/net:

modules=(“iwconfig”)

config_<essid>=(“dhcp”)

key_<essid>=”e7dddcee7d”

preferred_aps=(“<essid>”)

Create the useful link to start the wlan connection:

ln -s /etc/init.d/net.lo /etc/init.d/net.wlan0

WPA_supplicant

Type emerge -pv wpa_supplicant to if useflags like madwifi are enabled. Madwifi enables atheros chipset to be supported by wpa_suplicant. After that emerge wpa_supplicant

To see what drivers wap_supplicant supports, type:

wpa_supplicant -h don't expect too much the list of supported drivers will be short. However it supports ndiswrapper. When enabling the madwifi useflag then madwifi pops up there. Since the first tests are done manually /etc/conf.d/net should contain nothing about wlan.

Make sure the driver is loaded and no other has taken the chip.

To encrypt the key type wpa_passphrase <essid> <mykey> and then edit /etc/wpa_supplicant/wpa_supplicant.conf to hold something as

network={

ssid=<my ssid>

key_mgmt=WPA-PSK

proto=WPA2

pairwise=CCMP

group=CCMP

psk=”<my key encrypted>”

}

To start wpa_supplicant type

wpa_supplicant -i wlan0 -D madwifi -c /etc/wpa_supplicant/wpa_supplicant.conf

To /etc/conf.d/net add:

modules=(“wpa_supplicant”)

wpa_supplicant_wlan0=”-Dmadwifi”

Tools to work with wireless connections

Wireless means, you probably have a laptop an move it around, so you will face different

KWiFiManager is a GUI tools that work well after the setup is done.

Or use NetworkManager and its KDE GUI front-end Knetworkmanager to handle all your links and encryption methods, keys and passwords.

kismet is a WLAN sniffer. Checkout /usr/share/doc for the kismet documentation.

/etc/kismet.conf

suiduser=<add you name>
piddir=<some directory where you have access>
source=<rt2500,wlan0,your_username> 

The wlan driver must not occupied by the regular LAN connection.

ifconfig wlan0 down to make it available

iwconfig wlan0 mode monitor to go into monitor mode

iwconfig to verify

kismet

rfkill list shows if wifi is blocked (hard or soft) rfkill unblock wifi removes soft block

regulatory db

Radio transmitters use different regulations around the world (as allowable signal strength). Since WLAN is also transmitting data it has to follow the different regulations.

As default it assumes COUNTRY=00 meaning world and being most restricted (not all frequencies usable and signal strength restricted).

To handle this issue the wireless-regdb packet installs the regulatory database /lib/firmware/regulatory.db and more important its binary version /usr/lib/crda/regulatory.bin The binary version can be read with regdbdump /usr/lib/crda/regulatory.bin

The kernel must be prepared for this and the Central Regulatory Domain Agent (CRDA) needs to be installed (crda packet).

The packet linux-firmware might be required to be installed to get the correct firmware for the wlan chips.

The WLAN dirver knows the card's certification and where it is and try to do the best to follow the countries regulation.

To have all this running the COUNTRY environmental variable must be set correctly (for Switzerland CH).

This can be done via iw reg set CH and verified with iw reg get (packet iw). It can just more restrict but not remove restrictions.

Persistent setting is done depending the linux distribution wpa_supplicant configuration file crda configuration file Network manager.

To debug crda to kernel udevadm monitor --environment kernel


Linurs startpage