[juneau-lug] OpenBSD Gateway; A Whole Heap of Questions

  • From: Steven Elliot <patches5@xxxxxxx>
  • To: juneau-lug@xxxxxxxxxxxxx
  • Date: Mon, 18 Oct 2004 00:48:13 -0800

Hello,  I've been to a few meetings so you may or may not remember me but I was 
hoping that someone with some OBSD experience could help me out.  I'm trying to 
build an OpenBSD-based router/gateway/firewall for my home LAN.  The whole thing 
should look similar to this:

Internet --> Cable Modem --> OBSD --> Hub --> LAN Clients

The gateway has three interfaces (external, internal and wireless).  I've been 
able to get pf to do NAT and packet filtering between the two Ethernet external 
and internal interfaces.  I've also been able to get dhcpd to pass out leases 
to LAN clients on the internal interface.  This all works more or less.  The 
big problem is the wireless.

I've been able to create my access point with the following script.

#!/bin/sh
#Used HOWTO --> http://www.unixcircle.com/features/802.11b_openbsd.php
ifconfig wi0 inet up nwid hogwarts media DS11 mediaopt hostap
wicontrol -e 1
wicontrol -k 0xblahblahblah -v 1
wicontrol -T 1
wicontrol -f 11
wicontrol -s "OpenBSD_AP"

This script is run by rc.local and creates the interface as shown:

wi0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        address: 00:05:5d:ee:6e:3e
        nwid hogwarts
        nwkey blahblahblah
        powersave off
        media: IEEE802.11 DS11 hostap
        status: active
        inet6 fe80::205:5dff:feee:6e3e%wi0 prefixlen 64 scopeid 0x3
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255

As I mentioned previously, I can connect to the resulting AP with my wireless 
clients.  However, weird things that I don't understand start happening from 
here on out.  For example, I can't seem to ping 192.168.1.1 from my wireless 
clients, or my wlan clients get IPs like 169.158.***.***.  This is 
essentially where my gas tank of knowledge runs empty.  Do I,

1) Create a bridge device between my wireless and internal interfaces?
2) Create separate NAT rules for the wireless interface?
3) Run dhcpd on my wireless interface?

Any advice on the matter would be appreciated.  Thanks.

Kevin Elliott


------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.
