[Devil-Linux-discuss] Devil Linux wireless internet access - followup - not there yet

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

12/6/2009
Thanks, Heiko, you sent me a very helpful message.

I realized it could be helpful to someone helping me if I am more clear about what I am trying to do, so I'll start there.  We have a wired LAN of 3 hubs, connected by BNC co-ax.  The hubs are distributing signals on CAT5e ethernet to about 10 assorted Linux & Win OS computers.  (A legacy situation, obviously.)  We have ADSL service that is connected, on arrival from our ISP, through a plain non-wireless Paradyne 6211 modem.  Between that modem and our wired LAN is a "gateway" firewall computer running Devil Linux.  For years we had just two ethernet cards and Devil has served us well.
	Now we would like to add wireless internet access to our building.  We don't care whether the machines receiving wireless can see the wired LAN members, they just need to be able to reach the internet.  So far, the machines wanting to use wireless are a Wii and two linux laptops (one Slackware and one Ubuntu.)

Big overview questions, read on before answering:  Can you confirm that Devil Linux is a good choice for this three-network-card "gateway" project?  Is our Belkin Wireless G Desktop Card - Atheros AR2413 802.11bg - adequate?  Should I aim for a full Master-mode "access point" or a more modest Ad-Hoc peer-to-peer wireless configuration?  (I am not sure the Wii can talk to an Ad-Hoc, but the Wii's access is not as important as the laptops.)

In your message you said,
"Edit the file [ifcfg-eth2] directly under DL (using vi, joe or even mc).
cd /etc/sysconfig/nic/
Rename ifcfg-eth2 to ifcfg-wlan0 and (as you already guessed) change the
DEVICE line to DEVICE=wlan0 .
Take a look at the file ifcfg-eth4.sample , which has examples for a wireless setup.
You can easily test if the changes work with:
/etc/init.d/network restart
(Of course this will affect other users currently using the gateway.)"

On my Devil 1.4RC1 system, there is no /etc/sysconfig/nic/ directory, but 
ifcfg-* appears in 
  /shm/etc-mods/sysconfig/nic/ and
  /shm/etc/sysconfig/nic/
(Also /etc-cd/sysconfig/nic/ has .sample files.)  I believe the etc-mods.tar.bz2 configuration file that gets saved to the floppy by save-config contains the etc-mods tree (and a single file in a root directory.)

So, in /shm/etc-mods/sysconfig/nic/ifcfg-eth2, I tried changing (using vi) DEVICE=eth2 to
  DEVICE=wlan0
save-config/restart.  Yes!  The wireless card as wlan0 now boots to an UP BROADCAST MULTICAST state per ifconfig.  (ifconfig also added an entry for wmaster0.)

While waiting for your answer, I did find the ifcfg-*.sample series you mention, and they are enlightening, especially "eth4" relating to a wireless setup.  I did
  man iwconfig
as the sample file suggests in a comment, but only some of the parameters seem to work for me in the ifcfg-eth2 file.  For example,
  KEY=NNNNNNNNNN or
  ENC=NNNNNNNNNN in ifcfg-eth2 doesn't seem to take (with or without quotes around the hex number), though interactively
  iwconfig wlan0 key 1234567890
or
  iwconfig wlan0 enc 1234567890
works fine and sets the encryption key to 1234-5678-90.

I have also figured out that if I modify the files in /shm/etc-mods/sysconfig/nic, and then do save-config, the modifications are written to the floppy and are used in the next boot.  Your suggestion to 
  /etc/init.d/network restart
is a pretty handy command for on-the-fly configuration testing, though it does not seem to reset the devices to all their defaults before applying the ifcfg- commands.  It's much faster than writing/rebooting, thank you.

Here's my current ifcfg-eth2 file:
DEVICE=wlan0
MODULE="ath5k"
WIRELESS=yes
ONBOOT=yes
MODE=Ad-Hoc
ESSID=(security alphanumeric SSID string, currently 8 chrs)
ENC=(security WEP string hex 10 digits, a-f in lowercase)
RATE=auto
DHCP=no
IP="(LAN ip I want to point the wireless at, as the wireless gateway/access point)"
NETMASK="255.255.255.0"
BROADCAST="(same as IP except .255)"

I tried renaming /shm/etc-mods/sysconfig/nic/ifcfg-eth2 to ifcfg-wlan0 as you suggested.  With the rename, after a save-config/reboot, ifconfig doesn't see wlan0 unless I give it the -a parameter, so it's there but not UP.  iwconfig does not show wlan0 configured beyond its defaults, and Tx-Power=0 dBm.  ("ifconfig wlan0 up" changes that to 27 dBm.)  If I /etc/init.d/network restart, iwconfig wlan0 does not show any changes to dummy settings I made interactively with iwconfig before the restart, so I gather that the ifcfg-wlan0 file is not being processed under the new name.
	I suspected that the name "eth2" is specified in some other configuration file that lists the network's devices and calls for the ifcfg- files to be processed.  I unpacked the floppy's bz2 on my Win2000 machine and searched for the string "eth2".  It's there, in firewall.rules 
  DMZ_DEV=eth2	# DMZ network
and .viminfo has several mentions of 
  /shm/etc-mods/sysconfig/nic/ifcfg-eth2
Neither file mentioned wlan0.  I think I'll try editing them...  Made the single change in firewall.rules to
  DMZ_DEV=wlan0	# DMZ network
Hmmm, /shm/root/.viminfo seems to include several mentions of ifcfg-wlan0, even ifcfg-master0.  A vi change log?  I think I'll leave that alone.  ":q!"
	So I went back to the name ifcfg-eth2.  (Should I change the firewall.rules file back?)

OK, When I restart the network, or reboot, with ifcfg-eth2, I see 
  Setting wireless options for interface wlan0Error for wireless request "Set Mode" (8B06) : SET failed on device wlan0 ; Device or resource busy
I have found that interactively I need to 
  ifconfig wlan0 down
before I can "iwconfig wlan0 mode (option)" without an error, then
  ifconfig wlan0 up
I am not sure how to do this in the configuration file.  Does the order of the lines matter?  I tried swapping them around some to put the iwconfig-type commands before the ifconfig-type commands (the file as listed above) but it didn't seem to help.  wlan0 comes up in "Managed" mode as default, and I wonder if there is a way to get it to work in that mode... seems unlikely.

Hmmm, when I edit ifcfg-eth2, or add a new file (ifcfg-master0, for example) to 
  /shm/etc-mods/sysconfig/nic/
my change immediately shows up in
  /shm/etc/sysconfig/nic/
This apparently works vice versa, too.  The .sample files only are in /shm/etc/sysconfig/nic/, though.  (I bet they link similarly to /etc-cd/sysconfig/nic/.)

As I am booting now (or a /etc/init.d/network restart), the process sets wlan0 and also another link called wmaster0 UP.  When I hopefully Googled wmaster0, I gathered it's not likely to be helpful to me.  (The experimental ifcfg-master0 file I created is now erased.)

I am not sure my Atheros AR2413 802.11bg card with Devil's ath5k driver can be an access point.  When I
  iwconfig wlan0 mode Master
it complains SET failed on device wlan0 ; Invalid argument
It takes 
  iwconfig wlan0 mode Ad-Hoc
happily, and also Managed.  We have no other wireless around, so I gather Managed isn't applicable - there's no Master machine to manage this service.  Can I use Ad-Hoc and talk to our few other machines peer-to-peer?

In setup, Devil 1.4RC1 presents only two firewall options, FW2 two-network-card and DMZFW3 three-card-with-DMZ.  Can I use one of these, or am I better off modifying a configuration file?  I see /shm/etc/init.d/firewall.rules and firewall.rules.2nic and firewall.rules.3nic, perhaps the latter two are useful sample files.

You said,
  "I don't think the 'dmz' firewall setup in DL is what you're looking for. Our FW rules are meant to be a fairly secure starting point, but need customizations depending on the user's environment.  You may be best of [off] using the Shorewall scripts to configure the firewall. I think they're simpler to use."
	I am a programmer, but don't know the bash(?) script language.  If we can make life simple and use the DMZ firewall as Devil hands it to me, it would help us get up and running much quicker.

How do I let Devil know which encryption scheme I want to use?  On the Wii I've been choosing WEP (our town has 4 houses) for testing.  (The Wii doesn't seem to have an "encryption off" choice.  I am not sure what happens if I choose WEP and leave the key blank.)

FYI Wii setup: Wireless connection/manual setup/SSID to match/WEP to match/advanced IPs/advanced DNSs/no proxy.  I have never set up a Wii before and might not be doing it right.  The Wii manual's troubleshooting says "check the signal strength", but doesn't explain how.  I assume the default wlan0 Frequency: 2.412 GHz is OK for the Wii as the Wii manual does not specify what the unit can accept.
	I am located in "cow country", rural central Montana, so I don't have easy access to any working wireless access points to test my laptops on.  Our valley doesn't even have cell phone service...

As you suggested, I googled "linux access point" and variations thereon, and found advice like, 
  "If you can't set the device into master mode with iwconfig, it isn't going to work with anything else." and 
  "I thought that putting a device into master mode was so easy, but so far I have not come across one single interface that accepts this via iwconfig."
I think maybe my Belkin/Atheros just isn't suitable to be an access point device.  That's why I'm wondering if Ad-Hoc will work for me.

Thanks for describing the setup you use, and recommending openvpn.  (Which linux distro?)  If I ever get a wireless router, I may try that approach.  For now, I'm hoping I can use the equipment on hand and be happy with just basic access.

Thanks very much for sharing your expertise.  How neat you have a Wii, too.  I hope this long post isn't too much to ask.

KGHN