[OpenWrt-Devel] Axel instead of wget.
Hello Using wget for fetching sources is dead slow on my internet. anyone please know any hack to use axel instead ? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] hostapd WDS nl80211 mac80211 wds_bridge
Hi I'm tryin to understand wds so I'm trying to set one up using some Ar9103 cards , there are some questions regarding it's setup, in hostapd configuration file it's mentioned that it's only supported with driver=nl80211 and I'm guessing I may be using ath9k (mac80211) for these routers (wr1043nd,g300nh,wr941nd). so are there any other programs that is going to handle this since I find nothing regarding wds in hostapd.sh ? is it possible with using wds_bridge=wds-br0 force the wds to talk to other stations on wired network ? if they all operate on same channel I think that would be a good deal to make areas less crowded for each network with a better roaming. I'll appreciate if someone shed some light to this cave thanks ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] wr941nd marvell 88e6060
my wr941nd uses a MARVELL 88e6063 Swtich and I have these lines in backfire/build_dir/linux-ar71xx/linux-2.6.32.27/.config in r31251 seems it should support dot1q and vlaning as well CONFIG_NET_DSA=y # CONFIG_NET_DSA_TAG_DSA is not set # CONFIG_NET_DSA_TAG_EDSA is not set CONFIG_NET_DSA_TAG_TRAILER=y CONFIG_NET_DSA_TAG_QINQ=y CONFIG_NET_DSA_AR7240=y # CONFIG_NET_DSA_MV88E6XXX is not set CONFIG_NET_DSA_MV88E6060=y CONFIG_NET_DSA_MV88E6063=y # CONFIG_NET_DSA_MV88E6XXX_NEED_PPU is not set # CONFIG_NET_DSA_MV88E6131 is not set # CONFIG_NET_DSA_MV88E6123_61_65 is not set CONFIG_VLAN_8021Q=y # CONFIG_VLAN_8021Q_GVRP is not set but according to http://wiki.openwrt.org/toh/tp-link/tl-wr941nd :the Switch Ports (for VLANs) is in TODO state. is it possible ? can I get it to work even with some hacks ? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] can't load library 'libnsl.so.0'
I'm using backfire AR71xx trunk .what should I do to have this libnsl in my library ? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 3/3] hostapd dynamic vlans
yes, and I can confirm that dynamic vlaning works like a charm ! Thank you
OpenWrt ! :D
On Thu, Dec 1, 2011 at 12:03 PM, Helmut Schaa
wrote:
> On Thu, Dec 1, 2011 at 3:57 AM, Ashkanull wrote:
> > freeradius -X output:
> >>
> >>
> >> [peap] Got tunneled reply RADIUS code 2
>
> This is the tunneled reply that contains the VLAN attributes.
>
> >> Tunnel-Type:0 = VLAN
> >> Tunnel-Medium-Type:0 = IEEE-802
> >> Tunnel-Private-Group-Id:0 := "10"
> >> MS-MPPE-Encryption-Policy = 0x0001
> >> MS-MPPE-Encryption-Types = 0x0006
> >> MS-MPPE-Send-Key = 0xfa4b6928402162dc75ca3c5d3633a544
> >> MS-MPPE-Recv-Key = 0xdbaf38647954a65f8ff3bd457640aa33
> >> EAP-Message = 0x03450004
> >> Message-Authenticator = 0x
> >> User-Name = "ashkan"
> >> [peap] Tunneled authentication was successful.
> >> [peap] SUCCESS
> >> ++[eap] returns handled
> >> Sending Access-Challenge of id 12 to 192.168.1.1 port 56950
> >> EAP-Message =
> >>
> 0x0146002b1900170301002005105d3df33ceaaa611deed6ef7ebea0a52aa5a306448fc819ac6b864fb3
> >> Message-Authenticator = 0x
> >> State = 0x84bc4e3b83fa57e7caa19a8619269cb1
> >> Finished request 268.
> >> Going to the next request
> >> Waking up in 0.5 seconds.
> >> rad_recv: Access-Request packet from host 192.168.1.1 port 56950, id=13,
> >> length=199
> >> User-Name = "ashkan"
> >> NAS-Port = 1
> >> Called-Station-Id = "F4-EC-38-FC-11-C8:OpenWrt"
> >> Calling-Station-Id = "78-E4-00-6C-2F-EB"
> >> Framed-MTU = 1400
> >> NAS-Port-Type = Wireless-802.11
> >> Connect-Info = "CONNECT 54Mbps 802.11g"
> >> EAP-Message =
> >>
> 0x0246002b190017030100204569670443a923b680717450c026917c7fe46b678375ddf9bb4ee0fc34a5a81b
> >> State = 0x84bc4e3b83fa57e7caa19a8619269cb1
> >> Message-Authenticator = 0x24ef8ecd74b9236f51ff3dd17e4dc93c
> >> # Executing section authorize from file
> >> /etc/freeradius/sites-enabled/default
> >> +- entering group authorize {...}
> >> ++[preprocess] returns ok
> >> ++[chap] returns noop
> >> ++[mschap] returns noop
> >> ++[digest] returns noop
> >> [suffix] No '@' in User-Name = "ashkan", looking up realm NULL
> >> [suffix] No such realm "NULL"
> >> ++[suffix] returns noop
> >> [eap] EAP packet type response id 70 length 43
> >> [eap] Continuing tunnel setup.
> >> ++[eap] returns ok
> >> Found Auth-Type = EAP
> >> # Executing group from file /etc/freeradius/sites-enabled/default
> >> +- entering group authenticate {...}
> >> [eap] Request found, released from the list
> >> [eap] EAP/peap
> >> [eap] processing type peap
> >> [peap] processing EAP-TLS
> >> [peap] eaptls_verify returned 7
> >> [peap] Done initial handshake
> >> [peap] eaptls_process returned 7
> >> [peap] EAPTLS_OK
> >> [peap] Session established. Decoding tunneled attributes.
> >> [peap] Peap state send tlv success
> >> [peap] Received EAP-TLV response.
> >> [peap] Success
> >> [eap] Freeing handler
> >> ++[eap] returns ok
> >> # Executing section post-auth from file
> >> /etc/freeradius/sites-enabled/default
> >> +- entering group post-auth {...}
> >> ++[exec] returns noop
> >> Sending Access-Accept of id 13 to 192.168.1.1 port 56950
> >> MS-MPPE-Recv-Key =
> >> 0x6398fd9d9561ea47fa64bf536de9c865b49d11ae9e40ad97653424747c433085
> >> MS-MPPE-Send-Key =
> >> 0x1e5eefc46a70bb8704f9b8bf92eab52609af6e5c695a1e24fcedbe91f7ed2ec3
> >> EAP-Message = 0x03460004
> >> Message-Authenticator = 0x
> >> User-Name = "ashkan"
> >> Finished request 269.
>
> And this is the access accept that doesn't contain the VLAN attributes
> but hostapd
> expects them to be here instead of in the tunneled reply.
>
> I don't know exactly anymore but freeradius has a eap config option
> "use_tunneled_reply" to force this behavior AFAIK ...
>
> HTH,
> Helmut
>
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 3/3] hostapd dynamic vlans
I submitted the patches and my wireless config looks like :
/etc/config/wireless
config 'wifi-device' 'radio0'
option 'type' 'mac80211'
option 'channel' '11'
option 'macaddr' 'f4:ec:38:fc:11:c8'
option 'hwmode' '11ng'
option 'htmode' 'HT20'
list 'ht_capab' 'SHORT-GI-40'
list 'ht_capab' 'DSSS_CCK-40'
option 'txpower' '23'
option 'country' 'US'
config 'wifi-iface'
option 'device' 'radio0'
option 'network' 'lan'
option 'mode' 'ap'
option 'ssid' 'OpenWrt'
option 'auth_server' '192.168.1.104'
option 'auth_secret' 'testing123'
option 'encryption' 'wpa2+ccmp'
option 'vlan_enable' '2'
I understood that making vlan enable 2 forces hostapd to reject
connection if vlan assignment doesn't come from radius .
my radius sends access-accept but hostapd drops the connection and also no
br-vlan appears on ifconfig .
how can I work this out ?
openwrt r28943 with hostapd-2003
System Log :
> Sep 9 06:07:29 OpenWrt daemon.info hostapd: wlan0: STA 78:e4:00:6c:2f:eb
> IEEE 802.1X: authentication server did not include required VLAN ID in
> Access-Accept
> Sep 9 06:07:29 OpenWrt daemon.warne hostapd: wlan0: STA 78:e4:00:6c:2f:eb
> IEEE 802.1X: authentication failed - EAP type: 25 (PEAP)
freeradius -X output:
>
> [peap] Got tunneled reply RADIUS code 2
> Tunnel-Type:0 = VLAN
> Tunnel-Medium-Type:0 = IEEE-802
> Tunnel-Private-Group-Id:0 := "10"
> MS-MPPE-Encryption-Policy = 0x0001
> MS-MPPE-Encryption-Types = 0x0006
> MS-MPPE-Send-Key = 0xfa4b6928402162dc75ca3c5d3633a544
> MS-MPPE-Recv-Key = 0xdbaf38647954a65f8ff3bd457640aa33
> EAP-Message = 0x03450004
> Message-Authenticator = 0x
> User-Name = "ashkan"
> [peap] Tunneled authentication was successful.
> [peap] SUCCESS
> ++[eap] returns handled
> Sending Access-Challenge of id 12 to 192.168.1.1 port 56950
> EAP-Message =
> 0x0146002b1900170301002005105d3df33ceaaa611deed6ef7ebea0a52aa5a306448fc819ac6b864fb3
> Message-Authenticator = 0x
> State = 0x84bc4e3b83fa57e7caa19a8619269cb1
> Finished request 268.
> Going to the next request
> Waking up in 0.5 seconds.
> rad_recv: Access-Request packet from host 192.168.1.1 port 56950, id=13,
> length=199
> User-Name = "ashkan"
> NAS-Port = 1
> Called-Station-Id = "F4-EC-38-FC-11-C8:OpenWrt"
> Calling-Station-Id = "78-E4-00-6C-2F-EB"
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 54Mbps 802.11g"
> EAP-Message =
> 0x0246002b190017030100204569670443a923b680717450c026917c7fe46b678375ddf9bb4ee0fc34a5a81b
> State = 0x84bc4e3b83fa57e7caa19a8619269cb1
> Message-Authenticator = 0x24ef8ecd74b9236f51ff3dd17e4dc93c
> # Executing section authorize from file
> /etc/freeradius/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> ++[digest] returns noop
> [suffix] No '@' in User-Name = "ashkan", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] EAP packet type response id 70 length 43
> [eap] Continuing tunnel setup.
> ++[eap] returns ok
> Found Auth-Type = EAP
> # Executing group from file /etc/freeradius/sites-enabled/default
> +- entering group authenticate {...}
> [eap] Request found, released from the list
> [eap] EAP/peap
> [eap] processing type peap
> [peap] processing EAP-TLS
> [peap] eaptls_verify returned 7
> [peap] Done initial handshake
> [peap] eaptls_process returned 7
> [peap] EAPTLS_OK
> [peap] Session established. Decoding tunneled attributes.
> [peap] Peap state send tlv success
> [peap] Received EAP-TLV response.
> [peap] Success
> [eap] Freeing handler
> ++[eap] returns ok
> # Executing section post-auth from file
> /etc/freeradius/sites-enabled/default
> +- entering group post-auth {...}
> ++[exec] returns noop
> Sending Access-Accept of id 13 to 192.168.1.1 port 56950
> MS-MPPE-Recv-Key =
> 0x6398fd9d9561ea47fa64bf536de9c865b49d11ae9e40ad97653424747c433085
> MS-MPPE-Send-Key =
> 0x1e5eefc46a70bb8704f9b8bf92eab52609af6e5c695a1e24fcedbe91f7ed2ec3
> EAP-Message = 0x03460004
> Message-Authenticator = 0x
> User-Name = "ashkan"
> Finished request 269.
.
On Mon, Jul 25, 2011 at 5:21 PM, Matthew Bowman wrote:
> Sorry about the incorrect patches. This is a combined patch of the
> "supporting" files.
>
> --- a/package/hostapd/files/hostapd.sh 2011-07-25 14:05:21.0 +0300
> +++ b/package/hostapd/files/hostapd.sh 2011-07-25 16:44:00.0 +0300
> @@ -2,6 +2,7 @@
>local var="$1"
>local vif="$2"
>local enc wpa_group_rekey wps_possible
> + local vlan_enable vlan_file vlan_interface
>
>config_get enc "$vif" encryption
>config_get wpa_group_rekey "$vif" wpa_group_rekey
> @@ -93,6 +94,16 @@
>append "$var" "wpa_key_mgmt=WPA-EAP
