[PLUG] Creating linux based wireless access point, tips/pointers requested

Tim tim-pdxlug at sentinelchicken.org
Mon Feb 11 23:33:19 UTC 2008


Hi Tim,

On Mon, Feb 11, 2008 at 03:04:55PM -0800, Timothy Selivanow wrote:
> I'm trying to make a wireless access point using CentOS 5 with an
> Atheros based WiFi NIC (Atheros Communications, Inc. AR2413 802.11bg NIC
> (rev 01)) and using the madwifi drivers from ATrpms.net
> (madwifi-0.9.3.3-39.el5).

Atheros is a good chipset choice, though only time will tell if they
manage to get it more stable.  I've used an Atheros card in my laptop
for many arcane purposes.

> Basically, I'd like to know what other people have done and if they have
> any tips/pointers.  I'd like to keep as close as possible to doing
> things "the Red Hat way", as that (I'm assuming) should limit the amount
> of complexity in maintenance and reproducibility.

At first I thought you were joking, but then I realized you were
serious... =P  Not a fan of Red Hat here, or any distro based on it.
But to each his own. 

> I have briefly looked at hostapd, and may create a package for that
> eventually (all software needs to be in a package, that way things can
> be trivially reproduced), but I'm not sure I need that much
> functionality.

I have only used hostapd for running APs.  It is probably going to be
the easiest solution if you want to do anything more complicated than
unencrypted networks.

> I'd like to be able to run multiple networks/virtual interfaces on it,
> starting configuration will be routed not bridged.

Note that while the Atheros drivers can in theory run a multitude of
virtual interfaces of different types, this is often not the case in
practice.  There are often problems when trying to create several
virtual interfaces of different types.  For one thing, you have to
create them in a certain order.  I have found trying to run an AP at
the same time as a STA interface (client) is quite unstable.

I can't say that I'm an expert on the drivers and such for this.  The
primary purpose of my use of it was to perform penetration tests against
corporate networks (yes, these were sanctioned, legal, we got paid,
etc).  We would set up the Atheros card as an AP and lure unsuspecting
laptop users into connecting to our "AP".  From there we'd attack
desktops directly.  It's remarkable how foolish Windows is with
selecting networks to use even when laptops are also connected to hard
lines... 

In any case, I've only ever tried creating a single AP at a time.


> Questions, Comments, Screams-of-outrage, moral or immoral indignations?


In terms of managing the services you'd need to run for this, I'd
recommend using something like daemontools[1] or runit[2].


Good luck!
tim


1. http://cr.yp.to/daemontools.html

2. http://smarden.org/runit/




More information about the PLUG mailing list