From: K.G.H. N. <kg...@tt...> - 2009-12-02 22:24:59
|
Howdy from Montana, where it's 10 degrees F out, a good time to be inside working on our network. We are longtime Devil Linux users. For years, we have run Devil on a "gateway" Pentium machine, equipped with two ethernet boards, to protect our household LAN computers. Now we want wireless, too, in addition to our wired network, which we want to keep. I have assigned a computer to the updated job and we are trying to configure Devil Linux 1.4RC1, which I recently downloaded and burned to CDR. (Configuration on floppy.) The new gateway machine has: A) an on-motherboard Intel 82801 assigned to eth0, running Devil's e100 driver happily. It is CAT5e connected to our Paradyne 6211 ADSL modem. B) a PCI RTL8029(AS) assigned to eth1, running the realtek driver happily. It is CAT5e connected to our LAN. C) a PCI Belkin Wireless G Desktop Card - Atheros AR2413 802.11bg, assigned in Devil's setup to eth2. running the ath5k driver. It is not happy on boot; Devil reports eth2 as [IPv4]SIOCSIFADDR No such device [FAILED]. I did ask Devil to set up DMZFW3, the three network-card firewall. Our wireless testing equipment is scanty - we have two laptops with wireless. One runs Ubuntu which did not work with the wireless on campus, and one runs Slackware with untested wireless. (Being able to work on and test them is one reason we want wireless here.) We also have a new Wii, which presumably has working wireless if we configure it right. At this time, after a day's configuration work, our wired LAN members do have their normal access to the Internet through the new gateway. I've put several hours into the wireless setup, and feel I'm to the point where I could really benefit from some help from experienced people who understand wireless setup for Devil. Here's what I think I've figured out so far: ath5k sets up device wlan0, not eth2 I can log in the to gateway as root, and then interactively configure the wireless card: ifconfig wlan0 (LAN ip I want to point the wireless at, as the wireless gateway/access point) netmask 255.255.255.0 iwconfig wlan0 essid (security alphanumeric SSID string, currently 8 chrs) ifconfig wlan0 down iwconfig wlan0 mode managed key (security WEP string hex 10 digits) ifconfig wlan0 up ifconfig and iwconfig now see wlan0 save-config does not make these configuration changes last through the next boot, nor does going into setup and choosing "Save your configuration". When I configure manually as shown above, ifconfig wlan0 says UP BROADCAST MULTICAST, but when I test with the Wii, it is not successful. (Wii setup: Wireless connection/manual setup/SSID to match/WEP to match/advanced IPs/advanced DNSs/no proxy). The Wii manual's troubleshooting says "check the signal strength", but doesn't explain how. (I assume the default wlan0 Frequency: 2.412 GHz is OK for the Wii as the Wii manual does not specify what the unit can accept.) I copied etc-mods.tar.bz2 from the Devil configuration floppy to another (Win2000pro) machine and used 7zip to extract etc-mods.tar, which can then be opened with WinZip. The etc-mods\sysconfig\nic\ifcfg-eth2 file contains DEVICE=eth2 ONBOOT=yes MODULE="ath5k" DHCP=no IP="(LAN ip I want to point the wireless user machines at)" NETMASK="255.255.255.0" BROADCAST="(LAN ip I want to point the wireless users at except the last number is replaced by .255)" I'd like to try setting DEVICE=wlan0, but I don't know how to put the changed file back into the archive so that it appears in the right place to Devil. I've got the Devil 1.3 documentation up on another machine for reference. Questions I'd love answered: A) Is Devil's "DMZ" network card setup appropriate for what I'm trying to do? I don't understand DMZ very well. Wikipedia has a rundown at http://en.wikipedia.org/wiki/DMZ_%28computing%29, which I read with partial understanding. B) How do I tell Devil to use wlan0 as eth2? C) How do I get the wlan0 ip etc configuration to save/load? D) iwconfig says wlan0's Access Point: Not-Associated. Is this proper? E) What range should I expect from the wireless service? The wireless devices are a couple of rooms away from my gateway machine. It's an old frame house. Do I need to move the Wii closer to the gateway or vice versa to get a good test? Thank you for your patience in reading through my description. I look forward to comments and tips from those who know. KGHN |
From: Heiko Z. <he...@zu...> - 2009-12-04 14:56:11
|
> -----Original Message----- > From: K.G.H. Nicholes [mailto:kg...@tt...] > Sent: Wednesday, December 02, 2009 4:25 PM > To: dev...@li... > Subject: [Devil-Linux-discuss] Please assist Devil Linux to provide our > wireless internet access > > Howdy from Montana, where it's 10 degrees F out, a good time to be > inside working on our network. > > We are longtime Devil Linux users. For years, we have run Devil on a > "gateway" Pentium machine, equipped with two ethernet boards, to > protect our household LAN computers. > > Now we want wireless, too, in addition to our wired network, which we > want to keep. I have assigned a computer to the updated job and we are > trying to configure Devil Linux 1.4RC1, which I recently downloaded and > burned to CDR. (Configuration on floppy.) The new gateway machine > has: > A) an on-motherboard Intel 82801 assigned to eth0, running > Devil's e100 driver happily. It is CAT5e connected to our Paradyne > 6211 ADSL modem. > B) a PCI RTL8029(AS) assigned to eth1, running the realtek driver > happily. It is CAT5e connected to our LAN. > C) a PCI Belkin Wireless G Desktop Card - Atheros AR2413 > 802.11bg, assigned in Devil's setup to eth2. running the ath5k driver. > It is not happy on boot; Devil reports eth2 as [IPv4]SIOCSIFADDR No > such device [FAILED]. I did ask Devil to set up DMZFW3, the three > network-card firewall. > > Our wireless testing equipment is scanty - we have two laptops with > wireless. One runs Ubuntu which did not work with the wireless on > campus, and one runs Slackware with untested wireless. (Being able to > work on and test them is one reason we want wireless here.) We also > have a new Wii, which presumably has working wireless if we configure > it right. > > At this time, after a day's configuration work, our wired LAN members > do have their normal access to the Internet through the new gateway. > I've put several hours into the wireless setup, and feel I'm to the > point where I could really benefit from some help from experienced > people who understand wireless setup for Devil. > > Here's what I think I've figured out so far: > ath5k sets up device wlan0, not eth2 > I can log in the to gateway as root, and then interactively configure > the wireless card: > ifconfig wlan0 (LAN ip I want to point the wireless at, as the > wireless gateway/access point) netmask 255.255.255.0 > iwconfig wlan0 essid (security alphanumeric SSID string, currently 8 > chrs) > ifconfig wlan0 down > iwconfig wlan0 mode managed key (security WEP string hex 10 digits) > ifconfig wlan0 up > ifconfig and iwconfig now see wlan0 > save-config does not make these configuration changes last through the > next boot, nor does going into setup and choosing "Save your > configuration". > > When I configure manually as shown above, ifconfig wlan0 says UP > BROADCAST MULTICAST, but when I test with the Wii, it is not > successful. (Wii setup: Wireless connection/manual setup/SSID to > match/WEP to match/advanced IPs/advanced DNSs/no proxy). The Wii > manual's troubleshooting says "check the signal strength", but doesn't > explain how. (I assume the default wlan0 Frequency: 2.412 GHz is OK > for the Wii as the Wii manual does not specify what the unit can > accept.) > > I copied etc-mods.tar.bz2 from the Devil configuration floppy to > another (Win2000pro) machine and used 7zip to extract etc-mods.tar, > which can then be opened with WinZip. The etc- > mods\sysconfig\nic\ifcfg-eth2 file contains > DEVICE=eth2 > ONBOOT=yes > MODULE="ath5k" > DHCP=no > IP="(LAN ip I want to point the wireless user machines at)" > NETMASK="255.255.255.0" > BROADCAST="(LAN ip I want to point the wireless users at except the > last number is replaced by .255)" > > I'd like to try setting DEVICE=wlan0, but I don't know how to put the > changed file back into the archive so that it appears in the right > place to Devil. Edit the file directly under DL (using vi, joe or even mc). cd /etc/sysconfig/nic/ Rename ifcfg-eth2 to ifcfg-wlan0 and (as you already guessed) change the DEVICE line to DEVICE=wlan0 . Take a look at the file ifcfg-eth4.sample , which has examples for a wireless setup. You can easily test if the changes work with: /etc/init.d/network restart (Of course this will affect other users currently using the gateway.) > I've got the Devil 1.3 documentation up on another machine for > reference. > > Questions I'd love answered: > A) Is Devil's "DMZ" network card setup appropriate for what I'm trying > to do? I don't understand DMZ very well. Wikipedia has a rundown at > http://en.wikipedia.org/wiki/DMZ_%28computing%29, which I read with > partial understanding. > B) How do I tell Devil to use wlan0 as eth2? > C) How do I get the wlan0 ip etc configuration to save/load? > D) iwconfig says wlan0's Access Point: Not-Associated. Is this proper? > E) What range should I expect from the wireless service? The wireless > devices are a couple of rooms away from my gateway machine. It's an > old frame house. Do I need to move the Wii closer to the gateway or > vice versa to get a good test? > > Thank you for your patience in reading through my description. I look > forward to comments and tips from those who know. I don't think the 'dmz' firewall setup in DL is what you're looking for. Our FW rules are meant to be a fairly secure starting point, but need customizations depending on the user's environment. You may be best of using the Shorewall scripts to configure the firewall. I think they're simpler to use. It's been a very long time since I used DL as an access point and I really don't remember too much. I think I had to do something else to get it into AP mode. See what you can find on google about that topic (not DL specific). It is very important that you use some kind of encryption. I use a Linksys wireless router as my AP (with WPA enabled to keep the neighbors and script kiddies out), but do the following: Access to the LAN (wired network) is only allowed via openvpn, access from the wireless network to the Internet I didn't restrict (which makes my Wii and Blueray happy). This setup serves me well and is pretty secure. Heiko |