注册 登录  
 加关注
查看详情
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

zhouhaigang.love的博客

喜欢冬日黄昏那冻住的山

 
 
 

日志

 
 

2011年07月22日  

2011-07-22 18:32:28|  分类: linux开发 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |

Routed Client with relayd (Pseudobridge)

In the default configuration, OpenWrt bridges the wireless network to the LAN of the device. Most wireless drivers do not support bridging in client mode (see Bridged Client Mode Issues), therfore the traffic between LAN and the wireless client must be routed. The relayd package helps to implement a bridge-like behaviour with DHCP and Broadcast relaying comparable to the proprietary Broadcom WET mode.

Relayd Topology

The steps outlined below cover the process of putting the radio into client mode and linking it with the LAN interface with the help of relayd.

:!: In order to use this setup, you first must install the relayd package, if it is not present on the system yet.

Configuration

The changes below assume an OpenWrt default configuration, the relevant files are:

Before doing any actual configuration, the wifi interface must be enabled in order to be able to scan for networks in the vincinity:

uci set wireless.@wifi-device[0].disabled=0  uci commit wireless  wifi

  • Set the disabled option to 0 (to enable wireless)
  • Save changed configuration file
  • Start wireless using the wifi command

Now we can issue the iwlist scan command to list networks in range, the required information is highlighted:

root@OpenWrt:~# iwlist scan wlan0 Scan completed : Cell 01 - Address: 00:16:01:0A:B2:8F Channel:11 Frequency:2.462 GHz (Channel 11) Quality=70/70 Signal level=-33 dBm Encryption key:on ESSID:"xmff-relay" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s 24 Mb/s; 36 Mb/s; 54 Mb/s Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s Mode:Master Extra:tsf=000000173feaf1b7 Extra: Last beacon: 100ms ago IE: Unknown: 000A786D66662D72656C6179 IE: Unknown: 010882848B962430486C IE: Unknown: 03010B IE: Unknown: 2A0100 IE: Unknown: 2F0100 IE: Unknown: 32040C121860 IE: Unknown: DD090010180201F0000000 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK Cell 02 - Address: 00:14:BF:16:D4:DF Channel:1 Frequency:2.412 GHz (Channel 1) Quality=23/70 Signal level=-87 dBm Encryption key:on ESSID:"Morpheus" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s 24 Mb/s; 36 Mb/s; 54 Mb/s Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s Mode:Master Extra:tsf=0000019e5b85538f Extra: Last beacon: 11580ms ago IE: Unknown: 00084D6F727068657573 IE: Unknown: 010882848B962430486C IE: Unknown: 030101 IE: Unknown: 2A0100 IE: Unknown: 2F0100 IE: Unknown: 32040C121860 IE: Unknown: DD06001018020004 IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK Cell 03 - Address: 00:1A:4F:8F:48:50 Channel:4 Frequency:2.427 GHz (Channel 4) Quality=26/70 Signal level=-84 dBm Encryption key:on ESSID:"FRITZ!Box Fon WLAN 7141" Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s 36 Mb/s; 48 Mb/s; 54 Mb/s Mode:Master Extra:tsf=00000044688c8235 Extra: Last beacon: 500ms ago IE: Unknown: 0017465249545A21426F7820466F6E20574C414E2037313431 IE: Unknown: 010482848B96 IE: Unknown: 030104 IE: Unknown: 2A0107 IE: IEEE 802.11i/WPA2 Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : CCMP Authentication Suites (1) : PSK IE: Unknown: 32080C1218243048606C IE: WPA Version 1 Group Cipher : TKIP Pairwise Ciphers (1) : TKIP Authentication Suites (1) : PSK IE: Unknown: DD0A0800280101000200FF0F IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
  • ESSID is the name of the network
  • Channel specifies at which frequency the corresponding network is operating on
  • The lines starting with IE: report which encryption capabilities are supported by the access point:
    • IEEE 802.11i/WPA2 Version 1 indicates WPA2
    • WPA Version 1 indicates WPA
    • If both WPA and WPA2 are present, the network is most likely operating in WPA/WPA2 mixed mode

Step 1: Create an interface for the wireless station

Edit /etc/config/network and add a new interface, for example wwan, with proto set to dhcp:

config 'interface' 'wwan' option 'proto' 'dhcp'

Note that no ifname is required here since the wireless network will reference this section later.

UCI CLI commands:

uci set network.wwan=interface  uci set network.wwan.proto=dhcp  uci commit network  

Step 2: Declare a relay interface

Add another new interface to the network configuration, this time with the special protocol relay:

config 'interface' 'stabridge' option 'proto' 'relay' option 'network' 'lan wwan'

The existing lan network and the newly created wwan network are grouped together here.

UCI CLI commands:

uci set network.stabridge=interface  uci set network.stabridge.proto=relay  uci set network.stabridge.network="lan wwan"  uci commit network  

Step 3: Change the existing wireless network

Supposed we want to connect to the network called "xmff-relay", the previous scan result revealed the following information:

  • ESSID is xmff-relay
  • Channel is 11
  • The network uses WPA(1) mode


In /etc/config/wireless, locate the existing wifi-iface section and change its network option to point to the newly created interface. Change the mode option to sta (Station) and alter the encryption options to match those of the target network.

config 'wifi-device' 'radio0' option 'type' 'mac80211' … option 'channel' '11' config 'wifi-iface' option 'device' 'radio0' option 'network' 'wwan' option 'mode' 'sta' option 'ssid' 'xmff-relay' option 'encryption' 'psk' option 'key' 'secret-key'

Step 4: Disable the local DHCP server

Since DHCP requests from LAN will be answered by the wireless AP the router is connecting to, the local DHCP server must be disabled in order to avoid collisions later on.

Edit /etc/config/dhcp and locate the existing DHCP pool for LAN and mark it as ignored:

config 'dhcp' 'lan' option 'interface' 'lan' option 'start' '100' option 'limit' '150' option 'leasetime' '12h' option 'ignore' '1'

It also possible to simply remove or comment the whole section.

UCI CLI commands:

uci set dhcp.lan.ignore=1  uci commit dhcp

Step 5: Adjust the firewall

In contrast to true bridging, packets forwarded by relayd are handled by the normal routing system internally, this means they're also affected by firewall policies set on LAN.

Edit /etc/config/firewall and locate the existing LAN zone definition, add the new wwan to it in order to apply the same policies on LAN and the wireless client.

config 'zone' option 'name' 'lan' option 'input' 'ACCEPT' option 'output' 'ACCEPT' option 'forward' 'ACCEPT' option 'network' 'lan wwan'

OpenWrt, by default, ships a firewall configuration which disallows forwarded traffic within the LAN zone, means packets are not allowed to travel between multiple interfaces within it.

As outlined above, the forward policy was set to ACCEPT and both the lan and the wwan networks are configured as members of the LAN zone.

UCI CLI commands:

uci set firewall.@zone[0].forward=ACCEPT  uci set firewall.@zone[0].network="lan wwan"  uci commit firewall

Apply changes

Reload the DHCP service.

/etc/init.d/dnsmasq restart

Reload the firewall.

/etc/init.d/firewall restart

Reconfigure the wireless network.

wifi down; wifi

If the target network uses the 192.168.1.0/24 subnet, you must change the default LAN IP address to a different subnet, e.g. 192.168.2.1 .
You can determine the assigned wifi address with the following command:
uci -P/var/state get network.wwan.ipaddr  10.11.12.35
UCI CLI commands to change the default LAN IP address to a different subnet is:
uci set network.lan.ipaddr=192.168.2.1  uci commit network  reboot

At this point, the relayed client configuration should be finished.

Enable access from main network

After this the relay should work, however you will have trouble reaching the router from the main network. To get to it you'll need to manually set the IP address on your computer to an IP address on the same subnet (like 192.168.2.201 if you set the router ip to 192.168.2.1).

This is kind of tedious, but you can set things up so you can get it from the main network.

Run ifconfig and take note of the IP address assigned to wlan0. Then tell the relayd that this is the routers IP address with the following config.

uci set network.stabridge.ipaddr=192.168.1.35  uci commit network  

You should make sure the main router is statically assigning the relay router the same IP address all the time.

Back to top

doc/recipes/relayclient.txt · Last modified: 2011/05/26 20:56 by written_direcon

  评论这张
 
阅读(7852)| 评论(0)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2018