X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/24a20793671a7cde80b57c7e6c6069f7d46febde..8ade1960dd8d45693d2502bd453041b258be82bc:/docs/wireless.tex?ds=sidebyside diff --git a/docs/wireless.tex b/docs/wireless.tex index bc9df1141..efb07eafb 100644 --- a/docs/wireless.tex +++ b/docs/wireless.tex @@ -5,7 +5,7 @@ commented. This prevents unsecured sharing of the network over the wireless inte Each wireless driver has its own configuration script in \texttt{/lib/wifi/driver\_name.sh} which handles driver specific options and configurations. This script is also calling driver specific binaries like wlc for -Broadcom, or hostapd and wpa\_supplicant for atheros. +Broadcom, or hostapd and wpa\_supplicant for atheros and mac80211. The reason for using such architecture, is that it abstracts the driver configuration. @@ -31,7 +31,7 @@ config wifi-iface config wifi-device "wifi0" option type "atheros" option channel "5" - option agmode "11g" + option hwmode "11g" config wifi-iface option device "wifi0" @@ -93,30 +93,37 @@ of that (if supported by the driver). A full outline of the wireless configuration file with description of each field: \begin{Verbatim} -config wifi-device wifi device name - option type broadcom, atheros, mac80211 - option country us, uk, fr, de, etc. - option channel 1-14 - option maxassoc 1-128 (broadcom only) - option distance 1-n - option agmode 11b, 11g, 11a, 11bg (atheros only) +config wifi-device wifi device name + option type broadcom, atheros, mac80211 + option country us, uk, fr, de, etc. + option channel 1-14 + option maxassoc 1-128 (broadcom only) + option distance 1-n (meters) + option hwmode 11b, 11g, 11a, 11bg (atheros, mac80211) + option rxantenna 0,1,2 (atheros, broadcom) + option txantenna 0,1,2 (atheros, broadcom) + option txpower transmission power in dBm config wifi-iface - option network the interface you want wifi to bridge with + option network the interface you want wifi to bridge with option device wifi0, wifi1, wifi2, wifiN - option mode ap, sta, adhoc, monitor, or wds + option mode ap, sta, adhoc, monitor, mesh, or wds + option txpower (deprecated) transmission power in dBm option ssid ssid name option bssid bssid address - option encryption none, wep, psk, psk2, wpa, wpa2 + option encryption none, wep, psk, psk2, wpa, wpa2 option key encryption key option key1 key 1 option key2 key 2 option key3 key 3 option key4 key 4 + option passphrase 0,1 option server ip address option port port option hidden 0,1 - option isolate 0,1 + option isolate 0,1 (broadcom) + option doth 0,1 (atheros, broadcom) + option wmm 0,1 (atheros, broadcom) \end{Verbatim} \paragraph{Options for the \texttt{wifi-device}:} @@ -132,14 +139,25 @@ config wifi-iface The wifi channel (e.g. 1-14, depending on your country setting). \item \texttt{maxassoc} \\ - Optional: Maximum number of associated clients. This feature is supported only on the broadcom chipset. + Optional: Maximum number of associated clients. This feature is supported only on the Broadcom chipsets. \item \texttt{distance} \\ - Optional: Distance between the ap and the furthest client in meters. This feature is supported only on the atheros chipset. + Optional: Distance between the ap and the furthest client in meters. This feature is supported only on the Atheros chipsets. \item \texttt{mode} \\ - The frequency band (\texttt{b}, \texttt{g}, \texttt{bg}, \texttt{a}). This feature is only supported on the atheros chipset. + The frequency band (\texttt{b}, \texttt{g}, \texttt{bg}, \texttt{a}). This feature is only supported on the Atheros chipsets. + \item \texttt{diversity} \\ + Optional: Enable diversity for the Wi-Fi device. This feature is supported only on the Atheros chipsets. + + \item \texttt{rxantenna} \\ + Optional: Antenna identifier (0, 1 or 2) for reception. This feature is supported by Atheros and some Broadcom chipsets. + + \item \texttt{txantenna} \\ + Optional: Antenna identifier (0, 1 or 2) for emission. This feature is supported by Atheros and some Broadcom chipsets. + + \item \texttt{txpower} + Set the transmission power to be used. The amount is specified in dBm. \end{itemize} @@ -169,6 +187,9 @@ config wifi-iface \item \texttt{monitor} \\ Monitor mode + \item \texttt{mesh} \\ + Mesh Point mode (802.11s) + \item \texttt{wds} \\ WDS point-to-point link @@ -180,6 +201,9 @@ config wifi-iface \item \texttt{bssid} Set the BSSID address to be used for wds to set the mac address of the other wds unit. + \item \texttt{txpower} + (Deprecated, set in wifi-device) Set the transmission power to be used. The amount is specified in dBm. + \item \texttt{encryption} \\ Encryption setting. Accepts the following values: @@ -196,6 +220,13 @@ config wifi-iface \item \texttt{key, key1, key2, key3, key4} (wep, wpa and psk) \\ WEP key, WPA key (PSK mode) or the RADIUS shared secret (WPA RADIUS mode) + \item \texttt{passphrase} (wpa) \\ + 0 treats the wpa psk as a text passphrase; 1 treats wpa psk as + encoded passphrase. You can generate an encoded passphrase with + the wpa\_passphrase utility. This is especially useful if your + passphrase contains special characters. This option only works + when using mac80211 or atheros type devices. + \item \texttt{server} (wpa) \\ The RADIUS server ip address @@ -209,8 +240,128 @@ config wifi-iface Optional: Isolation is a mode usually set on hotspots that limits the clients to communicate only with the AP and not with other wireless clients. 0 disables ap isolation (default); 1 enables ap isolation. + \item \texttt{doth} \\ + Optional: Toggle 802.11h mode. + 0 disables 802.11h (default); 1 enables it. + + \item \texttt{wmm} \\ + Optional: Toggle 802.11e mode. + 0 disables 802.11e (default); 1 enables it. + \end{itemize} +\paragraph{Mesh Point} + +Mesh Point (802.11s) is only supported by some mac80211 drivers. It requires the iw package +to be installed to setup mesh links. OpenWrt creates mshN mesh point interfaces. A sample +configuration looks like this: + +\begin{Verbatim} +config wifi-device "wlan0" + option type "mac80211" + option channel "5" + +config wifi-iface + option device "wlan0" + option network lan + option mode "mesh" + option mesh_id "OpenWrt" +\end{Verbatim} + +\paragraph{Wireless Distribution System} + +WDS is a non-standard mode which will be working between two Broadcom devices for instance +but not between a Broadcom and Atheros device. + +\subparagraph{Unencrypted WDS connections} + +This configuration example shows you how to setup unencrypted WDS connections. +We assume that the peer configured as below as the BSSID ca:fe:ba:be:00:01 +and the remote WDS endpoint ca:fe:ba:be:00:02 (option bssid field). + +\begin{Verbatim} +config wifi-device "wl0" + option type "broadcom" + option channel "5" + +config wifi-iface + option device "wl0" + option network lan + option mode "ap" + option ssid "OpenWrt" + option hidden "0" + option encryption "none" + +config wifi-iface + option device "wl0" + option network lan + option mode wds + option ssid "OpenWrt WDS" + option bssid "ca:fe:ba:be:00:02" +\end{Verbatim} + +\subparagraph{Encrypted WDS connections} + +It is also possible to encrypt WDS connections. \texttt{psk}, \texttt{psk2} and +\texttt{psk+psk2} modes are supported. Configuration below is an example +configuration using Pre-Shared-Keys with AES algorithm. + +\begin{Verbatim} +config wifi-device wl0 + option type broadcom + option channel 5 + +config wifi-iface + option device "wl0" + option network lan + option mode ap + option ssid "OpenWrt" + option encryption psk2 + option key "" + +config wifi-iface + option device "wl0" + option network lan + option mode wds + option bssid ca:fe:ba:be:00:02 + option ssid "OpenWrt WDS" + option encryption psk2 + option key "" +\end{Verbatim} + +\paragraph{802.1x configurations} + +OpenWrt supports both 802.1x client and Access Point +configurations. 802.1x client is only working with +drivers supported by wpa-supplicant. Configuration +only supports EAP types TLS, TTLS or PEAP. + +\subparagraph{EAP-TLS} + +\begin{Verbatim} +config wifi-iface + option device "ath0" + option network lan + option ssid OpenWrt + option eap_type tls + option ca_cert "/etc/config/certs/ca.crt" + option priv_key "/etc/config/certs/priv.crt" + option priv_key_pwd "PKCS#12 passphrase" +\end{Verbatim} + +\subparagraph{EAP-PEAP} + +\begin{Verbatim} +config wifi-iface + option device "ath0" + option network lan + option ssid OpenWrt + option eap_type peap + option ca_cert "/etc/config/certs/ca.crt" + option auth MSCHAPV2 + option identity username + option password password +\end{Verbatim} \paragraph{Limitations:} @@ -242,7 +393,7 @@ Only the following mode combinations are supported: \paragraph{Adding a new driver configuration} -Since we currently only support two different wireless drivers : Broadcom and Atheros, +Since we currently only support thread different wireless drivers : Broadcom, Atheros and mac80211, you might be interested in adding support for another driver like Ralink RT2x00, Texas Instruments ACX100/111.