[juneau-lug] Re: OpenBSD Gateway; A Whole Heap of Questions

  • From: "Myron Davis" <myrond@xxxxxxxxxxx>
  • To: juneau-lug@xxxxxxxxxxxxx
  • Date: Mon, 18 Oct 2004 01:30:02 -0800 (AKDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Any and all of them; personally I'd go w/ a bridge, easy to set up and run
with.  You could of course set up different networks for both wireless and
wired.  Big thing about a bridge after you create it: if you have anything
pointing to your local ethernet interfaces you should change the
pointer to the bridge interface instead.  You don't even need IP
addresses for your wireless interface or your ethernet interface anymore.

Not sure about BSD land but I know on linux side there are several
different drivers for wireless and some create different interfaces for
the different types of methods of interacting with wireless clients.
(i.e. your main interface is wifi0, if you sniff data there you'll see
link layer traffic, then if you want regular ethernet filters traffic you
connect to wlan0, if you want wds traffic you connect to wlan0wdsX where X
is the wds network, or if you want a station interface and you're in master
mode you connect to wlan0sta).  But different drivers (and different
versions of drivers) do things quite a bit differently.

- -Myron

> Hello,  I've been to a few meetings so you may or may not remember me but
> I was hoping that someone with some OBSD experience could help me out.
> I'm trying to build an OpenBSD based router/gateway/firewall for my home
> lan.  The whole thing should look similar to this:
>
> Internet --> Cable Modem --> OBSD --> Hub --> LAN Clients
>
> The gateway has three interfaces (external, internal and wireless).  I've
> been able to get pf to do NAT and packet filtering between the two
> ethernet external and internal interfaces.  I've also been able to get
> dhcpd to pass out leases to LAN clients on the internal interface.  This
> all works more or less.  The big problem is the wireless.
>
> I've been able to create my access point with the following script.
>
> #!/bin/sh
> #Used HOWTO --> http://www.unixcircle.com/features/802.11b_openbsd.php
> ifconfig wi0 inet up nwid hogwarts media DS11 mediaopt hostap
> wicontrol -e 1
> wicontrol -k 0xblahblahblah -v 1
> wicontrol -T 1
> wicontrol -f 11
> wicontrol -s "OpenBSD_AP"
>
> This script is run by rc.local and creates the interface as shown:
>
> wi0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
>         address: 00:05:5d:ee:6e:3e
>         nwid hogwarts
>         nwkey blahblahblah
>         powersave off
>         media: IEEE802.11 DS11 hostap
>         status: active
>         inet6 fe80::205:5dff:feee:6e3e%wi0 prefixlen 64 scopeid 0x3
>         inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
>
> As I mentioned previously I can connect to the resulting AP with my wireless
> clients.  However weird things that I don't understand start happening
> from here on out.  For example, I can't seem to ping 192.168.1.1 from my
> wireless clients, or my wlan clients get IPs like 169.158.***.***.  This
> is essentially where my gas tank of knowledge runs empty.  Do I,
>
> 1) Create bridge device between my wireless and internal interfaces?
> 2) Create separate NAT rules for wireless interface?
> 3) Run dhcpd on my wireless interface?
>
> Any advice on the matter would be appreciated.  Thanks.
>
> Kevin Elliott
>
>
> ------------------------------------
> This is the Juneau-LUG mailing list.
> To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with
> the word unsubscribe in the subject header.
>


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBc40Uifbfg5b2FvURAk0OAKCTrNQxoeo5vG/STxoKZ1+RPO4WhQCg5pAv
KzJFQjdlo1m4XN3X5GpbVYE=
=vmPb
-----END PGP SIGNATURE-----
