← Revision 2 as of 2001-12-01 16:27:05
* 802.1x support for Linux
* http://www.cs.umd.edu/~arunesh/1x/index.html (OpenSource)
* http://www.mtghouse.com/supplicant_priv.html (Free but closed source)
One useful project is to turn one of the free Unixes into a true AccessPoint. More to come ...
Here's an example system that is functional as of 08/04/2001.
An easy, usable, IP-free solution available now is that of a PCI-based PC running Linux and an off-the-shelf D-Link DWL-500, which is a DWL-650 bundled with a Ricoh-based PCI bridge for about $120. Range is bad, but there are instructions as to how to solder a pigtail into the board for an external antenna. There may be other Prism II boards with better transmit power and/or receive sensitivity and/or an external antenna available.
JouniMalinen has written a HostApMode driver that works with this card to provide InfrastructureMode functionality. This compiles easily with the latest PCMCIA packages and Linux kernels, and has worked for me very well.
There is no WEP currently, nor is it *fully* supported by the Wireless Extensions for Linux. (Interface shows up as wlan0, per-user signal statistics not supported.)
Bridging is not natively supported in the driver, but the Linux kernel can use its bridging functionality fully with this interface. I prefer to keep the interface separate and run Masquerading on it.
I have a simple deny-all for incoming traffic to my router machine, except for UDP ports 53, 67 and 68. 53 is needed as I prefer to run a local DNS server and I haven't configured the Masquerading code to divert Masq'd connections into local connections, though it is possible. 67 and 68 are needed for DHCP.
Again, note that this is not a bridging situation: there's no way for the wireless network to see the wired intranet. This is intentional as I have way too many machines here to worry about securing them.
With those caveats, I represent that this system allows anyone with a plain old laptop to come over and stick in a plain old wireless card and cruise the internet without any knowledge of how the network is set up.
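The policy described above (deny-all incoming except UDP 53, 67 and 68, with Masquerading instead of bridging) can be written down as an iptables-restore ruleset. This is an added example, not the author's actual configuration; it assumes iptables as the firewall tool, `eth0` as the wired uplink, and an optional intranet CIDR argument that makes the "wireless cannot see the wired intranet" property an explicit rule rather than a side effect of routing.

```shell
#!/bin/sh
# Added example, not the author's configuration. Assumptions: iptables is the
# firewall tool, eth0 is the wired uplink, and the optional third argument is
# an intranet CIDR that wireless clients must never be routed to.
# Usage: gen_rules wlan0 eth0 [intranet-cidr] | iptables-restore

gen_rules() {
    wlan="${1:-wlan0}"     # HostAP interface; the page says it shows up as wlan0
    uplink="${2:-eth0}"    # assumed name of the Internet-facing interface
    intranet="${3:-}"      # optional, e.g. a constructed value like 192.168.1.0/24
    # Refuse anything that is not a plain interface name or CIDR.
    case "$wlan$uplink" in *[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    case "$intranet" in *[!0-9./]*) echo "bad CIDR" >&2; return 1 ;; esac
    isolate=""
    if [ -n "$intranet" ]; then
        # Emitted before the wlan -> uplink ACCEPT so that it matches first.
        isolate="-A FORWARD -i $wlan -d $intranet -j DROP"
    fi
    # sed drops the blank line left behind when no isolation rule is requested.
    sed '/^$/d' <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $wlan -p udp --dport 53 -j ACCEPT
-A INPUT -i $wlan -p udp --dport 67 -j ACCEPT
-A INPUT -i $wlan -p udp --dport 68 -j ACCEPT
$isolate
-A FORWARD -i $wlan -o $uplink -j ACCEPT
-A FORWARD -i $uplink -o $wlan -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $uplink -j MASQUERADE
COMMIT
EOF
}
```

Only UDP is opened for port 53, as on the page, so DNS replies that need TCP will not reach the local server from wireless clients.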
Here are some links:
- Article from live.com on turning a Linux box into an access point.
- Some information on using Linux as a true AccessPoint (not Ad Hoc).
- This may be a good, inexpensive box for a Linux Router/Firewall/Access Point.
- Ebtables (like IP tables only layer 2)
- 802.1x support for Linux