Slashdot Mirror


Linux Firmware For Some 802.11b Access Points

drwho writes "This just unveiled at the BAWUG meeting tonight: Linux firmware for Access Points. Check this URL for more info. I haven't tried it yet but it looks great!" The upshot is that certain Access Points can be flashed with a stripped-down Linux system, which makes them more flexible than they'd be under the included firmware. There are even some screenshots of a modded access point booting up.

  1. 2.4.x by tulare · · Score: 5, Interesting

    A quick thought - iptables on an access point? That I like. Think of all the possibilities...

    --
    political_news.c: warning: comparison is always true due to limited range of data type
    1. Re:2.4.x by autocracy · · Score: 3, Insightful

      Other quick thought - wouldn't that take up all the RAM while processing packets?

      --
      SIG: HUP
    2. Re:2.4.x by 1010011010 · · Score: 5, Insightful

      Another thought:

      IPSec on the access point. Screw WEP!

      --
      Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
    3. Re:2.4.x by tulare · · Score: 4, Interesting
      Not a bad point, actually. I don't imagine that you could run all the packets through some 500-line list of various netfilter errata. What I had in mind would be more like

        iptables -A INPUT -m mac --mac-source [mac address of my allowed devices] -j ACCEPT
        iptables -P INPUT DROP
        iptables -t nat -A POSTROUTING -o [er, whatever the interface is called] -j MASQUERADE

      Not necessarily complete or accurate in terms of syntax, but you get the gist. Nothing requiring too much memory usage, but enough to ensure you can limit the use of the access point to trusted devices.
      --
      political_news.c: warning: comparison is always true due to limited range of data type
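
The ruleset sketched in the comment above, written out as an added example (not part of the original thread or of the firmware project); the interface names `wlan0`/`eth0` and the MAC addresses are assumptions. A source-MAC match only compares a value the client supplies, which replies in this thread note can be changed, so this narrows who is admitted rather than authenticating anyone.

```shell
#!/bin/sh
# Added example, not from the thread: print (dry run, nothing is applied) an
# iptables ruleset that admits only allowlisted source MACs and masquerades
# out the wired side. Interface names and MACs are constructed sample values.

# is_mac STRING: succeed only for six colon-separated hex octets.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# build_rules WLAN_IF WAN_IF  (allowlist on stdin, one MAC per line;
# blank lines and #-comments are ignored).
# Returns 1 on the first malformed entry, before any rule is printed, so a
# typo in the list cannot yield a partial ruleset.
build_rules() {
    wlan_if=$1
    wan_if=$2
    per_mac=""
    while IFS= read -r line || [ -n "$line" ]; do
        mac=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$mac" ] || continue
        if ! is_mac "$mac"; then
            echo "malformed MAC in allowlist: $mac" >&2
            return 1
        fi
        # The post filters INPUT (traffic to the AP itself). Client traffic
        # that is NATed onward traverses FORWARD, so match there as well.
        per_mac="${per_mac}iptables -A INPUT -i $wlan_if -m mac --mac-source $mac -j ACCEPT
iptables -A FORWARD -i $wlan_if -m mac --mac-source $mac -j ACCEPT
"
    done
    # Loopback and replies to already-admitted connections.
    printf '%s\n' \
        "iptables -A INPUT -i lo -j ACCEPT" \
        "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT" \
        "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    printf '%s' "$per_mac"
    # Default-deny goes last so the accepts exist before the policy flips.
    printf '%s\n' \
        "iptables -P INPUT DROP" \
        "iptables -P FORWARD DROP" \
        "iptables -t nat -A POSTROUTING -o $wan_if -j MASQUERADE"
}

# Demo with a constructed allowlist.
printf '%s\n' '00:11:22:33:44:55  # laptop' 'AA:BB:CC:DD:EE:FF' |
    build_rules wlan0 eth0
```
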
    4. Re:2.4.x by louissypher · · Score: 4, Insightful

      With the embedded processor that those access points have (16.4 BogoMips), forget IPSEC.

      --
      www.bleepyou.com
    5. Re:2.4.x by Nectar · · Score: 2, Interesting

      Screw WEP anyway. You don't need anything special on the access point for IPsec: just configure your mobile units to use IPsec, and tunnel through some other host or use transport mode.

    6. Re:2.4.x by medcalf · · Score: 3, Funny

      Just get an airport base station as your 802.11 access point, and then configure it to only accept connections from MACs you trust, using the appropriate box in the GUI. Oh, wait, that wouldn't be as much fun. It's too easy.

      --
      -- Two men say they're Jesus. One of them must be wrong. - Dire Straits
    7. Re:2.4.x by autocracy · · Score: 2

      It's not fun, it's flexibility (and I approve of the airport very much - that feature is quite nice). However, my interest is more along the lines of actual firewalling (and many things that often bleed into it) such as port restrictions, QoS, and redirection. Sure, the smart thing to do is buy a computer and underclock the proc while sticking a WLan card in it, but this would cost less...

      --
      SIG: HUP
    8. Re:2.4.x by sderle · · Score: 2, Informative

      Yer damn right. Have you taken a look at NoCatAuth yet? As it happens we're working on a C port that should run comfortably on one of these. Join the mailing list to find out more.

    9. Re:2.4.x by Dwonis · · Score: 2

      You *do* realize that the MAC can be spoofed, right?

  2. Sweet! by jiminim · · Score: 3, Funny

    So now I can run Seti on my AP?

    1. Re:Sweet! by mbyte · · Score: 3, Funny

      > So now I can run Seti on my AP ?

      yes. with 16 bogomips (according to screenshot ;)

    2. Re:Sweet! by linzeal · · Score: 2, Informative

      Seti@home would have to port to the little amd proc in there as no source code is available for obvious reasons.

  3. firewall replacement by 47PHA60 · · Score: 5, Insightful

    One thing that irks me to no end is that my home firewall is a noisy old Pentium 200 with disks and fans. I've been looking into embedded systems to do this, and the current access points I've seen are not effective firewalls at all; no logging, and they don't _really_ block everything, even though they say they do. A small Linux kernel which does not need to be built up with support for PCI, two ethernet cards, disks and multiple filesystems might just do the trick.

    1. Re:firewall replacement by linzeal · · Score: 3, Interesting

      Underclock the proc and run it without a fan but get a big cheap socket 7 heatsink and get an rpm adjustable fan that will rev up and down according to a temperature probe included. I have an amd 500mhz underclocked to 375mhz without a fan that runs my firewall.

    2. Re:firewall replacement by parc · · Score: 2, Informative

      I'm using a diskless setup on FreeBSD with an Intel NIC. Boots in about 15 seconds, and the only noise is the power supply and CPU fan. I can probably get rid of the CPU fan. I might even try cutting the PS fan, since the load on the PS is next to nothing.

    3. Re:firewall replacement by Raptor+CK · · Score: 3, Interesting

      How about this?

      Two 10/100 ports, 1 serial port, one Mini-PCI slot, two PCMCIA/CardBus slots.
      Granted, it's not out just yet, but you could make it handle wireless, inbound traffic, and two internal segments fairly easily.

      The only problem is the dependence on CF. Logging isn't generally a good idea to media that can't handle excessive writes. While a Microdrive would fare better, it would also cost much more.

      --
      Raptor
      "Procrastination is great. It gives me a lot more time to do things that I'm never going to do."
    4. Re:firewall replacement by Howie · · Score: 3, Funny

      > I use it as my MP3 server.

      Without any disks?

      --
      "don't fall into the fallacy of believing that Perl can solve social problems. Maybe Perl 6 can, but that's a ways off"
    5. Re:firewall replacement by Etyenne · · Score: 3, Informative

      syslogd -r

      --
      :wq
    6. Re:firewall replacement by Raptor+CK · · Score: 2

      Which I figured was somewhat obvious, but also not that great of an idea, since hard drives tend to make a lot of noise, too.

      If he's trying to phase out the use of an old pentium box, it's generally not advisable to hook up the same old pentium box as a syslog server.

      --
      Raptor
      "Procrastination is great. It gives me a lot more time to do things that I'm never going to do."
    7. Re:firewall replacement by Raptor+CK · · Score: 2

      They make a Mini-PCI card to offload crypto to. Clever, those guys.

      I've been drooling over the boards for a while, since it'd give me exactly what I want. Firewall, Wireless AP, NAT and DMZ management, DHCP, all in a silent, small package, running FreeBSD. Even the ability to secure it. Just set it to mount the FS read only, and walk away.

      --
      Raptor
      "Procrastination is great. It gives me a lot more time to do things that I'm never going to do."
  4. Slogan by Hougaard · · Score: 5, Funny

    I Like their slogan:

    "All your base stations are belong to us"

    .. Sense of humor :)

  5. Mirror of Screenshots by NewbieSpaz · · Score: 4, Informative
    --
    ------
    Random, useless fact: I type in startx entirely with my left hand.
    1. Re:Mirror of Screenshots by Mignon · · Score: 3, Funny
      Moderation Totals: Redundant=1, Informative=1, Total=2.

      When I first saw this post, I thought - what a jackass moderator, marking this post as redundant. I mean, he's just trying to help. Then I realized that that's exactly what posting a mirror is: redundant and informative.

  6. Finally by mattyohe · · Score: 3, Informative

    Multi-point to Multi-point works with this solution... it's funny how going to linux solves my problems

    --
    - what is the definition of simultanagnosia?! I've been meaning to look it up!
  7. Save Some Bucks? by blitzrage · · Score: 3, Insightful

    I think that this is a cool idea. You can now upgrade and fix bugs, security holes etc. yourself instead of having to wait for the vendor to do it (if they do it). Not to mention if you have a really old AP, maybe you can get it out and play around with Linux on it. This could allow you to take old AP's that people are pretty much throwing out, and recycle them. Might save you a few bucks. That'd be cool.

    --

    I have no signature
  8. Great by Yarn · · Score: 2

    I may try this, as long as I can rollback to the original firmware ;)

    (I have the SMC ezconnect 2652 AP)

    The site is getting slower and slower so I may have to wait until next week before I find out :/

    I also wonder how much WEP it supports

    --
    -Yarn - Rio Karma: Excellent
    1. Re:Great by Yarn · · Score: 2

      After thinking about it on my walk home I've decided against it. With only ~16bogomips I doubt I could do anything particularly interesting with it. The IPSEC idea someone posted would probably take far too long to even exchange keys for any other device to happily talk to it.

      I saw someone intending to limit access to it by MAC. I hope they realise that faking a MAC address is extremely trivial.

      --
      -Yarn - Rio Karma: Excellent
  9. Hmm, security? by RC514 · · Score: 5, Interesting

    After the initial install with the SRAM card the access point can be upgraded over the network.

    Does that mean the vendors of access points do not write protect the operating system on the hardware level? Or are future modifications only possible when the jumper remains in the upgrade position? If the jumper becomes meaningless after the upgrade, its implementation is a serious design flaw and an undetected rooting waiting to happen.

    1. Re:Hmm, security? by Bruce+Perens · · Score: 2
      Before the upgrade to Linux, you have to open the box. After the upgrade, Linux and your own software are what protects whether or not a network upgrade is allowed. You have to become root on the box to do it.

      Bruce

  10. Re:802.11b ? by Hougaard · · Score: 3, Informative

    802.11b is wireless LAN. 11Mbit (With fallback to 5 and 2). A good reference is Nokia since they produce a complete setup.

    Nokia Wireless LAN

    I'm using (Nokia) 802.11b for all my home stuff now. No more cables running across the floor (This is really a wife pleaser :). Even my printers are connected on a miniport (To a jet direct box) and mounted on a little mobile table.

  11. Hardware by Cybersonic · · Score: 4, Informative

    In case you're curious, this works on access points using the Eumitcom WL11000SA-N boards...
    ( ref: http://opensource.instant802.com/hardware.php )
    Tested: US Robotics 2450, SMC EZconnect 2652W

    Time to buy an SMC for me :)

    --
    Cybie! aka Ralph Bonnell
  12. How are they doing bridging? by tzanger · · Score: 2

    AFAIK, the bridging code is loaded to the PCMCIA card each boot. Did they manage to keep the file and just replay it or did they reverse-engineer the bridging code?

    Not that I am really concerned, bridging a wireless LAN to your wired LAN is bad news unless there is zero need for security (aka my home).

    1. Re:How are they doing bridging? by irregular_hero · · Score: 4, Informative

      The "bridging code" is standard Linux bridging. I think what you're referring to is the "Host AP" or "Infrastructure" mode of the wireless card inside the AP.

      If the card is based on the Prism chipset, there's already a Linux driver that will operate the card in Host AP mode by implementing some of the functions normally present in the access point's Infrastructure mode in user space. Other things are handled by the card.

      For example, the card itself will handle time-dependent functions like beacon-sending. And it will handle hardware-dependent functions like WEP encrypt-decrypt (optionally). But the association table and all the rest of the functions are part of user space.

      Incidentally, you don't need the Host AP driver for your Wireless card to operate a bridged network. Oddly enough, the bridge code in the Linux kernel functions just fine with a wireless card in Peer-to-Peer mode -- it is, after all, just another interface to the kernel itself. What you won't get in peer to peer is sophisticated association handling -- that means that the signal strength meter in your wireless tools won't work exactly right in most commercial packages.

    2. Re:How are they doing bridging? by Fluffy+the+Cat · · Score: 2

      No, the APs in question appear to be based on the Intersil Prism-II chipset. This supports a "host-AP" mode, which allows it to work as an access point without requiring special firmware. At that point you can just use the standard Linux kernel bridging code.

    3. Re:How are they doing bridging? by Multispin · · Score: 2

      The Linux bridge code doesn't work with many wireless cards (Orinoco and cisco) because the cards themselves didn't allow transmission with an arbitrary MAC address. I think bridge mode is possible with the PrismII cards.

  13. Re:AirPort by Strog · · Score: 2, Informative
    > Don't need to configure that much

    You mean can't configure much. The original airports are the same as the Orinoco RG-1000 and each one is its own wireless network. The Orinoco has a better range for some reason. Better antenna? They released an updated firmware on the RG-1000 that would allow you to change the network name. I used it to change the network name of my boss's home one to the same network name as the AP at work. This makes the RG-1000 a lot more versatile. Is there an update for the airports that anyone is aware of? Anyone daring enough to try the Orinoco update on the airport?

  14. Re:Airport Killer!! by Sc00ter · · Score: 2
    Why is this an airport killer? The airport base station is easy to configure, easy to use, and the new one even has a trusted lan connection that you can set other permissions to. There's windows/linux software to configure it.


    Why would I run this linux thing over the OS that's already on the Airport, an OS that's specifically designed for this operation.

  15. Can I use this to turn my old notebook into an AP? by mocm · · Score: 2, Interesting

    I have been looking for a reliable software that can be used to turn a notebook into an AP. There is a driver for prism2 cards which works well enough, but lacks roaming support and in the latest version WEP doesn't seem to work. I had been looking for AP software under Linux, but the prism2 card combined with bridging in the kernel was all I could find. It works, but could be better. So, the question is, if I could use this to turn an old notebook into something more useful. And, if so, why has it only been announced as Linux for certain AP hardware.

    --
    ***Quis custodiet ipsos custodes***
  16. Re:Security by Hougaard · · Score: 2

    That's why it's opensource, go write it :)

  17. Repeater? by 1010011010 · · Score: 3, Insightful

    Could someone elaborate on the repeater functionality? Could I place unwired access points at regular distances, with only the one at the end wired to the regular network, and roam all down the chain with an 802.11b device (PDA for instance)?

    --
    Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
    1. Re:Repeater? by praedor · · Score: 2

      What about a simple PC using WRP? Could a PC running wireless linux router act as a repeater?


      I am considering building a pentium/celeron diskless/headless PC exclusively for the purpose of acting as an access point. It would be VERY helpful if I could, instead, make it a simple repeater.

      --
      In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
    2. Re:Repeater? by dwhedon · · Score: 3, Informative

      Exactly correct. The mesh formed between APs is an ethernet bridge. Stations associated with completely wireless APs (that is, no direct ethernet connection) will have their packets forwarded to the destination which may involve multiple wireless-wireless AP hops. The mesh is dynamic, APs can appear and disappear and stations can move between APs without loss of service.

      David Kimdon
      Instant802 Networks Inc.

    3. Re:Repeater? by 1010011010 · · Score: 2

      That. Is. So. Sweet.

      Thank you!

      --
      Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
  18. Re:So? by Oggust · · Score: 2, Funny
    > I've got a pacemaker that runs Linux. Beat that.

    You know, that could really put the "panic" back in "kernel panic".

    /August.

    --
    "An object declared as type _Bool is large enough to store the values 0 and 1." -- 6.1.2.5, C99 standard.
  19. You can build an AP on a PC: by burntfungus · · Score: 4, Informative

    You can build a Linux Access point on a PC or laptop, perhaps even a PDA:

    http://people.ssh.com/jkm/Prism2/

    Bridging software: http://bridge.sourceforge.net

    --
    http://wireless.pasadena.net
  20. Re:Can I use this to turn my old notebook into an by Bruce+Perens · · Score: 2
    Yes, if your wireless card is based on the Prism II chip (as many new cards are, but not your old ones). That's the only thing we have an AP driver for.

    Bruce

  21. Re:802.11b ? by burntfungus · · Score: 2, Informative

    http://www.netstumbler.com
    http://pasadena.net/vacation/

    --
    http://wireless.pasadena.net
  22. Use serial port for modem backup? by Fencepost · · Score: 4, Interesting

    One of the features that I like about the MultiTech router/switch I have is that a modem can be hung off the serial port and used as a backup connection. What would it take to do the same with this, and is there a getty out there that would support operating both ways (i.e. use a modem for dialout, but if a terminal was connected instead then allow login).

    --
    fencepost
    just a little off
  23. Try an old Laptop by luiss · · Score: 3, Insightful

    Try getting hold of an old laptop. I got a 486 Toshiba Satellite for about $20, added two cheap PCMCIA ethernet cards, and loaded linux on it.

    No fans (I think), battery backup, and LCD screen, nice...

    There is a Linux on Laptops FAQ somewhere out there where you can check for compatibility. Ebay is a good place to check for cheapo laptops. Just watch out for the amount of RAM available. With no CD-ROM most of the old cheapo laptops can be a pain to get linux loaded, if you're working from a distro whose install img can be over 8MB in size.

  24. Re:AirPort by voltaire · · Score: 2, Informative

    Actually, the Airport and the Rg-1000 are all the same hardware, in fact the Ap-500 and Ap1000 are also compatible hardware. The Community Wireless groups have already experimented with swapping the firmware on these devices. All the devices use a Lucent/Orinoco wavelan card internally (Rg100 and Airport use silvers). Checkout PersonalTelco's FirmwareSwapping page for details. The reason you see better range in the Rg1000 is probably the orientation, the radiation pattern of the integrated antennas are better suited for vertical operation. I can't quote the source but I had read a site on 802.11 antenna design and what a sorry design the client adapters used.

  25. Re:Can I use this to turn my old notebook into an by burntfungus · · Score: 3, Informative

    Yes see: http://people.ssh.com/jkm/Prism2/

    Lots o links on this subject: http://wireless.pasadena.net/links.php

    --
    http://wireless.pasadena.net
  26. Re:AirPort by kwj8fty1 · · Score: 2, Informative

    There are a number of firmwares that work on both the airports and the RG1000s.

    There is an update to the airports... but I'm not sure what it fixes.

    You can also flash a AP500 firmware onto either of them, and it works great. You lose DHCP, but you gain radius auth, and syslog. Good stuff.

    You can download any of those firmwares from here:

    http://www.vilos.com/rg1000

  27. Re:AirPort good, it uses the lucent chipset by Splork · · Score: 2

    yes, the airport is still the nicest cheap 802.11b access point. it uses real 802.11b cards with the Lucent chipset (orinoco/wavelan) rather than the cheapo "Prism" chipset. That way you can use WEP encryption without any performance hit. [yes, wep is useful; it keeps the 95% of people who don't know how to run airsnort off of your network]

    airports are also some sort of amd 486 cpu with 8 or 16 megs of ram i believe. porting bsd or linux to them would be great.

  28. Linux for the Airport by ekalb · · Score: 3, Informative

    There is a port of linux to the Apple Airport Base Station as well. However, it requires the use of a dhcp & tftp server, as well as the Java-based Airport admin tools.