aredn: add wan wifi client capability

Joe Ayers 2019-04-06 21:03:16 -07:00 committed by Joe AE6XE
parent d8f9320021
commit 74ca6f5a17
7 changed files with 291 additions and 94 deletions


@ -17,6 +17,11 @@ wifi2_encryption =
wifi2_key =
wifi2_hwmode = 11a
wifi3_enable = 0
wifi3_ssid =
wifi3_key =
wifi3_hwmode = 11a
dmz_mode = 3
lan_proto = static
lan_ip = 172.27.0.1


@ -17,6 +17,11 @@ wifi2_encryption = none
wifi2_key =
wifi2_hwmode = 11a
wifi3_enable = 0
wifi3_ssid =
wifi3_key =
wifi3_hwmode = 11a
dmz_mode = 3
lan_proto = static
lan_ip = 172.27.0.1


@ -126,7 +126,9 @@ foreach $line (`cat /etc/config.mesh/_setup`)
chomp ($lanintf=`jsonfilter -e '@.network.lan.ifname' < /etc/board.json`);
$cfg{lan_intf} = "$lanintf";
$cfg{wan_intf} = get_bridge_interfaces("wan");
$cfg{wan_intf} = "dummy";
# wan_intf is set by wifi-setup directly to network config file
$cfg{dtdlink_intf} = get_bridge_interfaces("dtdlink");
if ( $cfg{wifi_enable} == 1 )
@ -511,7 +513,6 @@ system $cmd;
#
system('/usr/local/bin/wifi-setup');
unless($auto)
{
print "configuration complete.\n";
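Review bot: The placeholder assigned at `$cfg{wan_intf} = "dummy";` is only replaced if wifi-setup runs to completion, and the `system('/usr/local/bin/wifi-setup');` call in the second hunk ignores the exit status. If that script aborts early, the literal `dummy` would presumably remain as the WAN interface in whatever this script generated from `%cfg`, and the run still prints "configuration complete". Checking the result, e.g. `system('/usr/local/bin/wifi-setup') == 0 or print STDERR "wifi-setup failed: $?\n";`, would make the failure visible. The surrounding code lies outside both hunks, so how the failure should be reported there is for the author to judge.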


@ -53,18 +53,27 @@ done < $configfile
meshif="$(uci -q get network.wifi.ifname)"
meshphy="phy${meshif#wlan}"
# set physical wan interface in network
wan_intf=`cat /etc/board.json|jsonfilter -e '@.network.wan.ifname'`
uci -c ${dropdir} -q batch > /dev/null <<-EOF
set network.wan.ifname=$wan_intf
EOF
uci -c ${dropdir} -q commit network
rm -f "${dropdir}/wireless"
touch "${dropdir}/wireless"
ifacecount=$(ls -d /sys/class/ieee80211/* | wc -l)
ifacenum=0
# find each phy and configure in wirelss config
# find each phy and configure in wireless config
for _dev in /sys/class/ieee80211/*; do
[ -e "$_dev" ] || continue
dev="${_dev##*/}"
radio="radio${dev#phy}"
wlan="wlan${dev#phy}"
if [ -x /usr/bin/readlink -a -h "/sys/class/ieee80211/${dev}" ]; then
devpath="$(readlink -n -f /sys/class/ieee80211/${dev})"
@ -85,21 +94,19 @@ for _dev in /sys/class/ieee80211/*; do
is_mesh_rf=0
hwmode="11g"
htmode="HT20"
disabled="0"
chanbw=""
country=""
channel=""
distance=""
iw phy "${dev}" info | grep -q '5180 MHz' && {
hwmode="11a"
}
if [[ $wifi2_enable -eq 1 -a \( $ifacecount -eq 1 -o \( \( $ifacecount -gt 1 \) -a \( "$hwmode" = "$wifi2_hwmode" \) \) \) ]] ; then
wifi2_disabled="0"
else
wifi2_disabled="1"
fi
if [ "${dev}" = "${meshphy}" ]; then
# mesh RF adhoc configuration
is_mesh_rf=1
disabled="0"
channel="${wifi_channel}"
chanbw="${wifi_chanbw}"
country="HX"
@ -109,12 +116,9 @@ for _dev in /sys/class/ieee80211/*; do
encryption="none"
key=""
network="wifi"
else
disabled="${wifi2_disabled}"
elif [[ $wifi2_enable -eq 1 -a \( $ifacecount -eq 1 -o \( \( $ifacecount -gt 1 \) -a \( "$hwmode" = "$wifi2_hwmode" \) \) \) ]]; then
# LAN AP interface
channel="${wifi2_channel}"
chanbw=""
country=""
distance=""
ssid=$(echo "${wifi2_ssid}" | sed -e 's/\(..\)/\\x\1/g')
ssid=$(echo -e "${ssid}")
ssid=${ssid//\"/\\\"}
@ -124,6 +128,27 @@ for _dev in /sys/class/ieee80211/*; do
key=$(echo -e "${key}")
key=${key//\"/\\\"}
network="lan"
elif [[ $wifi3_enable -eq 1 -a \( $ifacecount -eq 1 -o \( \( $ifacecount -gt 1 \) -a \( "$hwmode" = "$wifi3_hwmode" \) \) \) ]]; then
# WAN Client
disabled="0"
channel=""
ssid=$(echo "${wifi3_ssid}" | sed -e 's/\(..\)/\\x\1/g')
ssid=$(echo -e "${ssid}")
ssid=${ssid//\"/\\\"}
mode="sta"
encryption="psk2"
key=$(echo "${wifi3_key}" | sed -e 's/\(..\)/\\x\1/g')
key=$(echo -e "${key}")
key=${key//\"/\\\"}
network="wan"
htmode=""
uci -c ${dropdir} -q batch > /dev/null <<-EOF
set network.wan.ifname=$wlan
EOF
uci -c ${dropdir} -q commit network
else
# interface is disabled
disabled="1"
fi
uci -c ${dropdir} -q batch > /dev/null <<-EOF
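Review bot: The WAN Client branch fixes `encryption="psk2"` but accepts whatever `wifi3_key` decodes to, and the shipped default is an empty `wifi3_key =`; the form check added in this commit only rejects keys longer than 64 characters. WPA2-PSK needs a passphrase of 8 to 63 characters or 64 hex digits, so an empty or short key yields a station config that cannot associate, and by then `network.wan.ifname` has already been moved from the wired port to `$wlan`. I would fall through to the disabled branch when the key is unusable, for example by adding `-a ${#wifi3_key} -ge 16` to the `elif` test (the stored value is hex, two digits per printable character), and mirror the LAN AP lower bound in the setup form. The `for` loop body and the `uci batch` heredoc that consumes `key` continue outside the hunk.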


@ -594,7 +594,7 @@ sub save_setup
open(FILE, ">$_[0]") or return 0;
foreach(sort keys %parms)
{
next unless /^(aprs|dhcp|dmz|lan|olsrd|wan|wifi|wifi2|dtdlink|ntp|time|description)_/;
next unless /^(aprs|dhcp|dmz|lan|olsrd|wan|wifi|wifi2|wifi3|dtdlink|ntp|time|description)_/;
print FILE "$_ = $parms{$_}\n";
}
close(FILE);


@ -2,7 +2,7 @@
=for comment
Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks
Copyright (C) 2015 Conrad Lara
Copyright (C) 2019 Joe Ayers AE6XE
See Contributors file for additional contributors
Copyright (c) 2013 David Rivenburg et al. BroadBand-HamNet
@ -113,6 +113,8 @@ else
}
$wifi2_key =~ s/([a-f0-9][a-f0-9])/chr(hex($1))/eg;
$wifi2_ssid =~ s/([a-f0-9][a-f0-9])/chr(hex($1))/eg;
$wifi3_key =~ s/([a-f0-9][a-f0-9])/chr(hex($1))/eg;
$wifi3_ssid =~ s/([a-f0-9][a-f0-9])/chr(hex($1))/eg;
}
}
@ -128,7 +130,7 @@ else
}
# make sure unchecked checkboxes are accounted for
foreach(qw(lan_dhcp olsrd_bridge olsrd_gw wifi2_enable lan_dhcp_noroute wifi_enable))
foreach(qw(lan_dhcp olsrd_bridge olsrd_gw wifi2_enable lan_dhcp_noroute wifi_enable wifi3_enable))
{
$parms{$_} = 0 unless $parms{$_};
}
@ -450,9 +452,17 @@ if($parms{button_save})
{
push (@errors, "LAN Access Point Password must be at least 8 characters, up to 64");
}
if( "$wifi3_enable" eq "1" and length($wifi3_key) > 64)
{
push (@errors, "WAN Wifi Client Password must not be greater than 64 characters");
}
if( "$wifi2_enable" eq "1" and ( $wifi2_key =~ /\'/ or $wifi2_ssid =~ /\'/ ))
{
push (@errors, "The password and ssid may not contain a single quote character.");
push (@errors, "The LAN Access Point password and ssid may not contain a single quote character");
}
if( "$wifi3_enable" eq "1" and ( $wifi3_key =~ /\'/ or $wifi3_ssid =~ /\'/ ))
{
push (@errors, "The WAN Wifi Client password and ssid may not contain a single quote character");
}
if ( $wifi2_channel < 30 and "$wifi2_hwmode" eq "11a" )
@ -467,7 +477,21 @@ if($parms{button_save})
{
push (@errors, "Mesh RF and LAN Access Point can not both use the same wireless card, review LAN AP settings");
}
if ( $phycount > 1 and ! $wifi_enable and $wifi2_hwmode eq $wifi3_hwmode )
{
push (@errors, "Some settings auto updated to avoid conflicts, please review and save one more time");
}
if ( $wifi_enable and $wifi2_enable and $wifi3_enable )
{
push (@errors, "Can not enable Mesh RF, LAN AP, and WAN Wifi Client with only 2 wireless cards, WAN Wifi Client turned off");
$wifi3_enable = 0;
}
if ( $phycount == 1 and $wifi_enable and ($wifi2_enable or $wifi3_enable ))
{
push (@errors, "Can not enable Mesh RF along with LAN AP or WAN Wifi Client. Only Mesh RF enabled now, please review settings.");
$wifi2_enable = 0;
$wifi3_enable = 0;
}
if($debug == 3) # don't save the config, just validate it
{
@ -481,6 +505,8 @@ if($parms{button_save})
system "touch /tmp/unconfigured" if -f "/etc/config/unconfigured";
$parms{wifi2_key} =~ s/(.)/sprintf("%x",ord($1))/eg;
$parms{wifi2_ssid} =~ s/(.)/sprintf("%x",ord($1))/eg;
$parms{wifi3_key} =~ s/(.)/sprintf("%x",ord($1))/eg;
$parms{wifi3_ssid} =~ s/(.)/sprintf("%x",ord($1))/eg;
$rc = save_setup("/etc/config.mesh/_setup");
$rc2 = &uci_commit("system");
if(-s "/tmp/web/save/node-setup.out")
@ -880,26 +906,55 @@ else
print "<tr><td colspan=2><hr></hr></td></tr>";
$M39model = `/usr/local/bin/get_model | grep -e "M[39]"`;
if ( $phycount > 1 or ! $wifi_enable and ! $M39model )
if ( ($phycount > 1 and (! $wifi_enable or ! $wifi3_enable))
or ($phycount == 1 and ! $wifi_enable and ! $wifi3_enable )
and ! $M39model )
{
# LAN AP shows as an option
if ( $wifi_enable and "$wifi2_hwmode" eq "11g" )
# Determine hardware options and set band and channels accordingly
if ($phycount == 1)
{
$rc3 = system("iw phy phy0 info | grep -q '5180 MHz' > /dev/null");
if ( $rc3 )
{
$wifi2_hwmode="11g";
if ( $wifi2_channel > 14 ) { $wifi2_channel = 1; }
@chan=@ctwo;
}
else
{
$wifi2_hwmode="11a";
if ( $wifi2_channel < 36 )
if ( $wifi2_channel < 36 ) { $wifi2_channel = 36; }
@chan=@cfive;
}
}
else
{
$wifi2_channel = 36;
# 2 band device
if ( $wifi_enable == 1 )
{
$wifi2_hwmode="11a";
if ( $wifi2_channel < 36 ) { $wifi2_channel = 36; }
@chan=@cfive;
}
else
{
if ( ! $wifi2_enable and $wifi3_enable and $wifi3_hwmode eq "11a" ) { $wifi2_hwmode = "11g"; }
if ( ! $wifi2_enable and $wifi3_enable and $wifi3_hwmode eq "11g" ) { $wifi2_hwmode = "11a"; }
if ( $wifi2_hwmode eq "11a" )
{
if ( $wifi2_channel < 36 ) { $wifi2_channel = 36; }
@chan=@cfive;
}
else
{
if ( $wifi2_channel > 14 ) { $wifi2_channel = 1; }
@chan=@ctwo;
}
}
}
# determine AP's wireless phy
if ( "$wifi2_hwmode" eq "11g" and ! $wifi_enable )
{ $APphy="phy1"; }
else { $APphy="phy0"; }
$rc3 = system("iw phy ${APphy} info | grep -q '5180 MHz' > /dev/null");
undef @chan;
if ( $rc3 ) { @chan=@ctwo; } else { @chan=@cfive; }
print "<tr><th colspan=2>LAN Access Point</th></tr>";
print "<tr><td>Enable</td>";
@ -916,6 +971,10 @@ if ( $phycount > 1 or ! $wifi_enable and ! $M39model )
selopt("5GHz", "11a", $wifi2_hwmode);
print "</select></td></tr>\n";
}
else
{
push @hidden, "<input type=hidden name=wifi2_hwmode value='$wifi2_hwmode'>";
}
print "<tr><td>SSID</td>\n";
print "<td><input type=text size=15 name=wifi2_ssid value='$wifi2_ssid'></td></tr>\n";
@ -1011,11 +1070,90 @@ print "<td><input type=checkbox name=lan_dhcp_noroute value=1 title='Disable LAN
print " checked" if ($lan_dhcp_noroute);
print "></td></tr>\n";
print "</table>
# WAN wifi Client
if ( ($phycount > 1 and (! $wifi_enable or ! $wifi2_enable))
or ($phycount == 1 and ! $wifi_enable and ! $wifi2_enable )
and ! $M39model )
{
# Wifi Client shows as an option
# Determine hardware options and set band accordingly
if ($phycount == 1)
{
$rc3 = system("iw phy phy0 info | grep -q '5180 MHz' > /dev/null");
if ( $rc3 ) { $wifi3_hwmode="11g"; }
else { $wifi3_hwmode="11a"; }
}
else
{
# 2 band device
if ( $wifi_enable ) { $wifi3_hwmode="11a"; }
else
{
if ( $wifi2_hwmode eq "11g" and $wifi2_enable )
{
$wifi3_hwmode = "11a";
}
if ( $wifi2_hwmode eq "11a" and $wifi2_enable )
{
$wifi3_hwmode="11g";
}
}
}
print "<tr><td colspan=2><hr></td></tr>\n";
print "<tr><th colspan=2>WAN Wifi Client</th></tr>";
print "<tr><td>Enable</td>";
print "<td><input type=checkbox name=wifi3_enable value=1";
print " checked" if $wifi3_enable;
print "></td></tr>\n";
if ( ! $wifi_enable and ! $wifi2_enable and $phycount > 1)
{
print "<tr><td>WAN Wifi Client band</td>\n";
print "<td><select name=wifi3_hwmode>\n";
selopt("2GHz", "11g", $wifi3_hwmode);
selopt("5GHz", "11a", $wifi3_hwmode);
print "</select></td></tr>\n";
}
else
{
push @hidden, "<input type=hidden name=wifi3_hwmode value='$wifi3_hwmode'>";
}
# for (my $i=0; $i<5; $i++)
# {
# @wan_ssids=`iw dev wlan0 scan passive | egrep "SSID:\\s\\S+" | cut -f 2 -d\\ | sort -u`;
# last if @wan_ssids;
# sleep 1;
# }
print "<tr><td>SSID</td>\n";
print "<td><input type=text name=wifi3_ssid size=15 value='$wifi3_ssid'>\n";
print "</select></td></tr>\n";
print "<tr><td>Password</td>\n";
print "<td><input type=password size=15 name=wifi3_key value='$wifi3_key'>";
print "</td></tr>\n";
}
else
{
push @hidden, "<input type=hidden name=wifi3_enable value='$wifi3_enable'>";
push @hidden, "<input type=hidden name=wifi3_ssid value='$wifi3_ssid'>";
push @hidden, "<input type=hidden name=wifi3_key value='$wifi3_key'>";
push @hidden, "<input type=hidden name=wifi3_hwmode value='$wifi3_hwmode'>";
}
# end WAN wifi Client
print "</table>\n</td></tr>\n";
print "</table>
</td></tr>
</table><br>
</td></tr>\n";
#
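Review bot: `$wifi3_ssid` and `$wifi3_key` are printed unescaped inside single-quoted attributes (`value='$wifi3_ssid'`, `value='$wifi3_key'`, and the four hidden inputs in the `else` branch), while the single-quote check in the `button_save` hunk only runs when `"$wifi3_enable" eq "1"`. A value containing `'` that is submitted with the client disabled is therefore not rejected and, as far as these hunks show, is written back into the page, where it can close the attribute and inject markup. The same output also puts the stored WAN password into the page source, even when the section is hidden. I would make the check unconditional, `if ( $wifi3_key =~ /\'/ or $wifi3_ssid =~ /\'/ )`, HTML-escape both values where they are printed, and consider not echoing `wifi3_key` back into `value=` at all.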


@ -17,6 +17,9 @@ Table of Contents:
<ul>
<li><a href='#setup'>Basic Setup</a></li>
<li><a href='#lanmode'>LAN Mode</a></li>
<li><a href='#lanap'>LAN Access Point</a></li>
<li><a href='#wansettings'>WAN Settings</a></li>
<li><a href='#wanclient'>WAN Wifi Client</a></li>
<li><a href='#ports'>Port Forwarding, DHCP, and Services</a></li>
<li><a href='#admin'>Administration</a></li>
<li><a href='#advancedconfig'>Advanced Configuration</a></li>
@ -407,64 +410,7 @@ compare thoughput and determine the best distance setting.
<p>
The <strong>LAN</strong> box allows you to set the LAN IP Address
of the node and the address range of the DHCP server, and these should be
self explanatory. The <b>LAN Mode</b> is described in the next section.
</p>
<p>
The <strong>LAN Access Point</strong> section will appear on the hAP ac
lite device. Configure similar to a typical home access point. DFS channels
are currently not selectable. Access Points must detect Doppler Radar signals
and dynamically move to a clear channel for part 15 compliance. This capability
and channels may be added in a future image. Clients connecting to the LAN Access
Point share the IP Address range with clients attached though the physical Ethernet
ports.<br><br>The Encryption option 'none' is not given to enable operator control
of who is connecting to the mesh network and manage compliance of part 97
obligations.<br><br>The password key length must be between 8 and 63 characters.
If the key is 64 characters, it is treated as hex encoded. A single quote character
may not be used.</p>
<p>
The <strong>WAN</strong> box contains the settings used to
connect with an upstream network, usually an internet connection. The DNS
servers are set by default to the Google DNS servers and should not be changed
under normal circumstances. More and more ISP's are adopting the "helpful"
but <u>broken</u> behavior of taking you to an ISP generated web page if you
incorrectly type in a URL or if the host you are trying to reach no longer
exists. The proper behavior is for your browser to be able to detect these
error conditions and report them accordingly. Google follows the rules and
allows for the proper operation of the network.
</p>
<p>
When the WAN protocol is set to disabled you have the option of using a
default gateway on the LAN. Integrating an existing LAN with a mesh node LAN
is an expert level undertaking and there are far too many considerations to be
covered here.
</p>
<p>
The <strong>Allow others to use my WAN</strong> is an Advanced WAN option.
<br> When a node has internet access from either the WAN or LAN, that access is
available to the node itself and to any computer connected to the LAN network.
When this option is enabled this node will gate(route) traffic from the
mesh onto this network and the internet.
By default it is disabled, so consider carefully your
intentions for enabling it. AREDN&trade; is an FCC Part 97 amateur radio
computer network, so be sure that any internet traffic that will be sent over
radio needs to comply with Part 97 rules. If you just want local wireless
internet access, consider using a standard Part 15 compliant access point
instead of the Mesh Gateway function.
<br><br>
The <strong>Prevent LAN devices from accessing WAN</strong> checkbox will
cause the node to not advertise to LAN devices that it should be chosen
as the default route. This means that computers on the LAN of this node
will not try and route to the internet or other networks via the mesh node
and will only try and use the mesh node for the 10.0.0.0/8 and 172.16.0.0/12
"mesh" network ranges. You will not be able to access the internet, even
if your node has internet available on its WAN port with this setting checked.
This also applies to internet available over the mesh. Use this only if you
know what a default route is and you need to be connected to two networks at
once such as wired to the mesh, and WiFi to a local served agency network.
self explanatory.
</p>
<p>
<br>
@ -511,6 +457,83 @@ provided by computers on the LAN can only be accessed through port forwarding
rules. A single DMZ server can be set up to accept all incoming traffic that
is not already handled by other rules or by the node itself.
</p>
<p>
<br>
<a name=lanap><b>LAN Access Point</b></a>
</p>
<p>
The <strong>LAN Access Point</strong> section will appear on the hAP ac
lite device. Configure similar to a typical home access point. DFS channels
are currently not selectable. Access Points must detect Doppler Radar signals
and dynamically move to a clear channel for part 15 compliance. This capability
and channels may be added in a future image. Clients connecting to the LAN Access
Point share the IP Address range with clients attached though the physical Ethernet
ports.<br><br>The Encryption option 'none' is not given to enable operator control
of who is connecting to the mesh network and manage compliance of part 97
obligations.<br><br>The password key length must be between 8 and 63 characters.
If the key is 64 characters, it is treated as hex encoded. A single quote character
may not be used.</p>
<p>
<br>
<a name=wansettings><b>WAN Settings</b></a>
</p>
<p>
The <strong>WAN</strong> box contains the settings used to
connect with an upstream network, usually an internet connection. The DNS
servers are set by default to the Google DNS servers and should not be changed
under normal circumstances. More and more ISP's are adopting the "helpful"
but <u>broken</u> behavior of taking you to an ISP generated web page if you
incorrectly type in a URL or if the host you are trying to reach no longer
exists. The proper behavior is for your browser to be able to detect these
error conditions and report them accordingly. Google follows the rules and
allows for the proper operation of the network.
</p>
<p>
When the WAN protocol is set to disabled you have the option of using a
default gateway on the LAN. Integrating an existing LAN with a mesh node LAN
is an expert level undertaking and there are far too many considerations to be
covered here.
</p>
<p>
The <strong>Allow others to use my WAN</strong> is an Advanced WAN option.
<br> When a node has internet access from either the WAN or LAN, that access is
available to the node itself and to any computer connected to the LAN network.
When this option is enabled this node will gate(route) traffic from the
mesh onto this network and the internet.
By default it is disabled, so consider carefully your
intentions for enabling it. AREDN&trade; is an FCC Part 97 amateur radio
computer network, so be sure that any internet traffic that will be sent over
radio needs to comply with Part 97 rules. If you just want local wireless
internet access, consider using a standard Part 15 compliant access point
instead of the Mesh Gateway function.
<br><br>
The <strong>Prevent LAN devices from accessing WAN</strong> checkbox will
cause the node to not advertise to LAN devices that it should be chosen
as the default route. This means that computers on the LAN of this node
will not try and route to the internet or other networks via the mesh node
and will only try and use the mesh node for the 10.0.0.0/8 and 172.16.0.0/12
"mesh" network ranges. You will not be able to access the internet, even
if your node has internet available on its WAN port with this setting checked.
This also applies to internet available over the mesh. Use this only if you
know what a default route is and you need to be connected to two networks at
once such as wired to the mesh, and WiFi to a local served agency network.
</p>
<p>
<br>
<a name=wanclient><b>WAN Wifi Client</b></a>
</p>
<p>
The WAN Wifi Client feature enables connecting the mesh node to the Internet or foreign network
available on a wifi Access Point. Enabling the WAN Wifi Client will disable vlan1
and access to the Internet over the physical Ethernet port. Type in the SSID and password
to connect to. If the device is dual-band, e.g. an hAP a lite, the band option will be
shown.<br><br>The password key length must not be greater than 64 characters. If the key
lenght is 64, it is treated as hex encoded. A single quote character
may not be used.</p>
</p>
<hr width=500>
<a name='optionalsettings'><h4>Optional Settings</h4>
<p>