|
Size: 6067
Comment:
|
Size: 4705
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| [[TableOfContents]] | See also: DebianAp, DebianApImage |
| Line 6: | Line 6: |
| ===== To Be Fixed Soon ===== | |
| Line 8: | Line 9: |
|
* ExtrusionDetection (Snort) * Automatic rules update for ExtrusionDetection * Test NoCatAuth CaptivePortal mode * Setup Exim with TLS for mail proxying (warn about earthlink) * Setup transparent proxy for port 80 and port 25 * Add the debian package for Wavemon (new in unstable) * Install Bastille for security (maybe gr-security as well?) * Install tripwire or osiris * Is webmin a good idea? * Add CBQ (debian package shaper) * SSL support on nocat auth page -SeattleWireless:EricJohanson * Are you referring to the NoCatAuth bug where https requests don't get proxied to the portal properly or are you wanting the login page to the SSL'd? -- AdamShand |
* Test NoCatAuth CaptivePortal mode (once the behind NAT fix is in place make captive mode the default) |
| Line 23: | Line 13: |
|
* Add documentation on what needs to be setup and what it does * Create setup script to make configuration easier * Setup a Debian Apt repository for PTP packages and configure sources.list to use it. ===== To Be Done "Sometime" ===== These are as much ideas as anything else. Comments are appreciated. * Is webmin a good idea? * Setting up a default message on telnet/ssh; "you are not logged in via nocat, please goto http://aa.bb.cc.dd/" * This would be a little tricky to do with telnet and there is no real way to do this with SSH that I can think of (because there is no way to display a banner before login). Actually I just learned something ... this can be done. It still requires some trickery and I'm not sure it's really that important but it would be cool. If you wanna contribute the necessary firewall rules to make it happen please do, the best way I can think of doing this is to redirect port 22 and 23 traffic to anywhere to the stylistic and display a banner there. -- AdamShand * ExtrusionDetection (Snort) * Automatic rules update for ExtrusionDetection * Setup Exim with TLS for mail proxying (warn about earthlink) * Setup transparent proxy for port 80 and port 25 * SSL support on nocat auth page -SeattleWireless:EricJohanson * Are you referring to the NoCatAuth bug where https requests don't get proxied to the portal properly or are you wanting the login page to the SSL'd? -- AdamShand |
|
| Line 25: | Line 31: |
|
* Setting up image to work with other devices (EG: SBCs with different PCMCIA bridges) * I think this should "just work". Can you document any issues? -- AdamShand * Setting up a default message on telnet/ssh; "you are not logged in via nocat, please goto http://aa.bb.cc.dd/" |
|
| Line 45: | Line 48: |
|
* What does this mean? Any why is it saying it sooooo much? {{{ Jan 5 05:02:44 fuji kernel: Clearing TIM bit for AID 1 Jan 5 05:02:45 fuji kernel: wlan0: dropped received packet from 00:02:2d:04:e4:62 with no ToDS flag (type=0x02, subtype=0x04) Jan 5 05:02:45 fuji kernel: wlan0: RX status=0x0000 (port=0, type=0, fcserr=0) silence=4 signal=153 rate=20 rxflow=0 Jan 5 05:02:45 fuji kernel: FC type=2:4 dur=0x0102 seq=0xe1f0 data_len=0 Jan 5 05:02:45 fuji kernel: A1=00:30:ab:0e:fa:af A2=00:02:2d:04:e4:62 A3=00:30:ab:0e:fa:af A4=00:00:00:00:00:00 Jan 5 05:02:45 fuji kernel: dst=00:30:ab:0e:fa:af src=00:02:2d:04:e4:62 len=0 Jan 5 05:02:45 fuji kernel: handle_pspoll: BSSID=00:30:ab:0e:fa:af, TA=00:02:2d:04:e4:62 Jan 5 05:02:45 fuji kernel: aid=1 Jan 5 05:02:45 fuji kernel: Clearing TIM bit for AID 1 Jan 5 05:02:46 fuji kernel: wlan0: dropped received packet from 00:02:2d:04:e4:62 with no ToDS flag (type=0x02, subtype=0x04) Jan 5 05:02:46 fuji kernel: wlan0: RX status=0x0000 (port=0, type=0, fcserr=0) silence=3 signal=153 rate=20 rxflow=0 Jan 5 05:02:46 fuji kernel: FC type=2:4 dur=0x0102 seq=0xe2c0 data_len=0 Jan 5 05:02:46 fuji kernel: A1=00:30:ab:0e:fa:af A2=00:02:2d:04:e4:62 A3=00:30:ab:0e:fa:af A4=fc:f0:75:98:b3:f0 Jan 5 05:02:46 fuji kernel: dst=00:30:ab:0e:fa:af src=00:02:2d:04:e4:62 len=0 Jan 5 05:02:46 fuji kernel: handle_pspoll: BSSID=00:30:ab:0e:fa:af, TA=00:02:2d:04:e4:62 Jan 5 05:02:46 fuji kernel: aid=1 Jan 5 05:02:46 fuji kernel: Clearing TIM bit for AID 1 Jan 5 05:02:47 fuji kernel: wlan0: dropped received packet from 00:02:2d:04:e4:62 with no ToDS flag (type=0x02, subtype=0x04) Jan 5 05:02:47 fuji kernel: wlan0: RX status=0x0000 (port=0, type=0, fcserr=0) silence=4 signal=150 rate=20 rxflow=0 Jan 5 05:02:47 fuji kernel: FC type=2:4 dur=0x0102 seq=0xe390 data_len=0 Jan 5 05:02:47 fuji kernel: A1=00:30:ab:0e:fa:af A2=00:02:2d:04:e4:62 A3=00:30:ab:0e:fa:af A4=03:0a:00:10:00:80 Jan 5 05:02:47 fuji kernel: dst=00:30:ab:0e:fa:af src=00:02:2d:04:e4:62 len=0 Jan 5 05:02:47 fuji kernel: handle_pspoll: BSSID=00:30:ab:0e:fa:af, TA=00:02:2d:04:e4:62 Jan 5 05:02:47 fuji kernel: aid=1 Jan 5 05:02:47 fuji kernel: Clearing TIM bit for AID 1 }}} I get 1-2 of these per second. /var/log on my system is over 300 megs. :( This is from running 'netstubler on a windows box. |
* What does this mean? Any why is it saying it sooooo much? I get 1-2 of these per second. /var/log on my system is over 300 megs. * I believe this will be fixed with the next update which includes the lastest HostAp drivers. Well see anyway -- AdamShand |
| Line 81: | Line 55: |
|
* Setting up image to work with other devices (EG: SBCs with different PCMCIA bridges) * I think this should "just work". Can you document any issues? -- AdamShand |
|
| Line 84: | Line 60: |
| * AdHoc mode is supported, you just need to change the mode the card is in from master to managed in /etc/network/interfaces (it ships as an AccessPoint by default). -- AdamShand | * This was a known issue with the 2.4.16 kernel, please upgrade to 2.4.17. -- AdamShand |
| Line 88: | Line 64: |
| * Add the debian package for Wavemon (new in unstable) |
This is to help track and resolve bugs with the DebianLinuxAccessPoint and DebianApImage projects. If you think you've found a bug in how the image works please list it here along with all the information I might need to fix it. Thanks -- AdamShand.
See also: DebianAp, DebianApImage
Feature Requests
To Be Fixed Soon
- Setup for iw_mode command to set default mode (master/managed/adhoc)
- Add notes on how to set power for cards
Test NoCatAuth CaptivePortal mode (once the behind NAT fix is in place make captive mode the default)
Touch screen support.
Can this be done without X? non-X-scribble? I think this requires X. X will be supported once I get docs from CoryWebb on how to make the pen drivers work and a working XF86Config file.n -- AdamShand
You should check with Mark Curran, I think he has added X to your image already --MichaelCodanti
- Add documentation on what needs to be setup and what it does
- Create setup script to make configuration easier
- Setup a Debian Apt repository for PTP packages and configure sources.list to use it.
To Be Done "Sometime"
These are as much ideas as anything else. Comments are appreciated.
- Is webmin a good idea?
Setting up a default message on telnet/ssh; "you are not logged in via nocat, please goto http://aa.bb.cc.dd/"
This would be a little tricky to do with telnet and there is no real way to do this with SSH that I can think of (because there is no way to display a banner before login). Actually I just learned something ... this can be done. It still requires some trickery and I'm not sure it's really that important but it would be cool. If you wanna contribute the necessary firewall rules to make it happen please do, the best way I can think of doing this is to redirect port 22 and 23 traffic to anywhere to the stylistic and display a banner there. -- AdamShand
ExtrusionDetection (Snort)
Automatic rules update for ExtrusionDetection
- Setup Exim with TLS for mail proxying (warn about earthlink)
- Setup transparent proxy for port 80 and port 25
SSL support on nocat auth page -EricJohanson
- Real time reporting...
WirelessAntFarm from Vortex looks like a promising start. EricJohanson is also working on something. -- AdamShand
Open Bugs
From AdamShand
Upgrade to latest version of NoCatAuth to fix browser problems.
Upgrade to 2.4.17 and latest HostApMode drives to try and resolve NetStumbler issues
From TerrySchmidt:
- Screen doesn't turn off (might be my bios settings)
- How do you make grub bootable? (without loading lilo first and then booting and choosing grub)
working on it, if anyone else wants to figure this out it would be appreciated. -- AdamShand
From EricJohanson:
- /etc/lilo.conf.install does not point to correct kernel image; (both 2.2.x and 2.4.x)
- warnings loading modules; /var/log/something is readonly on kernel boot
- My screen *does* turn off, once I tweaked the bios
- Why can't I ping/traceroute out via the NAT?
- having lynx installed would help debugging 'net connections
- What does this mean? Any why is it saying it sooooo much? I get 1-2 of these per second. /var/log on my system is over 300 megs.
Unable to Duplicate
- DNS Server doesn't load upon bootup
- DHCP Server doesn't load upon bootup
I had this problem when i was setting up my own linux ap image, you the hostap driver takes a little while to initialize, longer than a normal one, so i fixed it by bumping dhcp to S99 in /etc/rc2.d/ --ForrestEnglish
- Setting up image to work with other devices (EG: SBCs with different PCMCIA bridges)
I think this should "just work". Can you document any issues? -- AdamShand
Resolved Bugs
AdHoc mode! This would be VERY helpful for SWN folks..... I've heard rumors that we want to use ADHoc for PtP links...
This was a known issue with the 2.4.16 kernel, please upgrade to 2.4.17. -- AdamShand
- Needs update to 2.4.16 (10 Dec 2001)
- Disable -- MARK -- in syslog ("-m 0") (10 Dec 2001)
- Add simple batch file or configuration to switch to bridging instead of NAT (see /usr/local/bin/bridge-setup.sh 10 Dec 2001)
- Add the debian package for Wavemon (new in unstable)