hostapd and encryption
Markus Ritzer
fdsag
Sun May 11 12:13:10 PDT 2008
>
> Configuring WPA in hostapd should have been enough.. I would have
> expected that to make madwifi reject open connections without any
> additional steps. Could you please send debug log from hostapd (-dd on
> command line) showing a client connecting without WPA when hostapd is
> configured to use WPA?

First of all, sorry for not responding for so long! I wasn't at home for
some days.

I noticed the following: When I started hostapd at boot time, encryption
didn't work (or it accepted unencrypted connections, too), but when I
killed hostapd and restarted it, only encrypted connections were
allowed. I tried to start it with -dd and here is a part of the output:

Configuration file: /etc/hostapd/hostapd.conf
Line 43: DEPRECATED: 'debug' configuration variable is not used anymore
ctrl_interface_group=0
madwifi_set_iface_flags: dev_up=0
madwifi_set_privacy: enabled=0
BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)
SIOCGIWRANGE: WE(compiled)=22 WE(source)=13 enc_capa=0xf
ath0: IEEE 802.11 Fetching hardware channel/rate support not supported.
Flushing old station entries
madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument
madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3)
Could not connect to kernel driver.
Deauthenticate all stations
madwifi_set_privacy: enabled=0
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2
madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3
Using interface ath0 with hwaddr 00:19:e0:83:b8:48 and ssid 'MARKUS'
SSID - hexdump_ascii(len=6):
4d 41 52 4b 55 53 MARKUS
PSK (ASCII passphrase) - hexdump_ascii(len=14):
4d 41 52 4b 55 53 31 38 31 32 31 39 38 32 MARKUS18121982
PSK (from passphrase) - hexdump(len=32): 06 4b 39 a6 54 8f c6 eb 24 a8
68 0e 36 e4 a1 4c 30 5b cb 2a a0 7b 11 b1 e6 25 b7 3d c1 13 e0 ca
madwifi_set_ieee8021x: enabled=1
madwifi_configure_wpa: group key cipher=3
madwifi_configure_wpa: pairwise key ciphers=0x8
madwifi_configure_wpa: key management algorithms=0x2
madwifi_configure_wpa: rsn capabilities=0x0
madwifi_configure_wpa: enable WPA=0x1
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
GMK - hexdump(len=32): [REMOVED]
GTK - hexdump(len=16): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
madwifi_set_key: alg=CCMP addr=00:00:00:00:00:00 key_idx=1
madwifi_set_privacy: enabled=1
madwifi_set_iface_flags: dev_up=1
ath0: Setup of interface done.
l2_packet_receive - recvfrom: Network is down
Wireless event: cmd=0x8b1a len=15
l2_packet_receive - recvfrom: Network is down
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: associated
New STA
madwifi req WPA IE - hexdump(len=256):
madwifi req RSN IE - hexdump(len=256):
No WPA/RSN information element for station!?
Wireless event: cmd=0x8c02 len=95
Custom wireless event: 'STA-TRAFFIC-STAT
mac=00:08:a1:a1:8e:10
rx_packets=0
rx_bytes=0
tx_packets=0
tx_bytes=0
'
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: disassociated
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: associated
New STA
madwifi req WPA IE - hexdump(len=256):
madwifi req RSN IE - hexdump(len=256):
No WPA/RSN information element for station!?
Sending disassociation info to STA 00:08:a1:a1:8e:10
madwifi_sta_disassoc: addr=00:08:a1:a1:8e:10 reason_code=4
Wireless event: cmd=0x8c02 len=95
Custom wireless event: 'STA-TRAFFIC-STAT
mac=00:08:a1:a1:8e:10
rx_packets=0
rx_bytes=0
tx_packets=0
tx_bytes=0
'
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: disassociated
Wireless event: cmd=0x8c03 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: associated
New STA
madwifi req WPA IE - hexdump(len=256):
madwifi req RSN IE - hexdump(len=256):
No WPA/RSN information element for station!?
Wireless event: cmd=0x8c02 len=95
Custom wireless event: 'STA-TRAFFIC-STAT
mac=00:08:a1:a1:8e:10
rx_packets=0
rx_bytes=0
tx_packets=0
tx_bytes=0
'
Wireless event: cmd=0x8c04 len=20
ath0: STA 00:08:a1:a1:8e:10 IEEE 802.11: disassociated
In the meantime, I wrote a shell script that seems to solve the problem
for me:
(I had trouble using the init scripts in /etc/init.d -- I am using
Gentoo Linux)
#!/bin/bash
LOGFILE=/data/logs/accesspoint
date >> $LOGFILE
# This is the IP-address of the wlan card
IP=192.168.2.1
# loading the kernel module in access point mode
modprobe ath_pci autocreate=ap >> $LOGFILE
# set up a temporary SSID
iwconfig ath0 essid markus12345 channel 9 >> $LOGFILE
iwpriv ath0 bintval 500 >> $LOGFILE
iwpriv ath0 mode 3 >> $LOGFILE
iwconfig ath0 channel 9 >> $LOGFILE
iwpriv ath0 turbo 0 >> $LOGFILE
# assign an IP-address to the wlan card
ifconfig ath0 $IP >> $LOGFILE
# start the wlan device
ifconfig ath0 up >> $LOGFILE
# wait for a while, so everything is ready for hostapd (I needed this)
sleep 8
# activate IP-forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward
# activate masquerading
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >> $LOGFILE
# initialize return value with error
RET=1
while [ $RET -ne 0 ]
do
    # start hostapd in the background (-B)
    hostapd /etc/hostapd/hostapd.conf -B >> $LOGFILE
    # wait
    sleep 5
    # check if hostapd is running
    ps -A|grep hostapd
    RET=$?
done
# start DHCP server
dhcpd >> $LOGFILE

iwconfig says now:

lo        no wireless extensions.
eth0      no wireless extensions.
dummy0    no wireless extensions.
tunl0     no wireless extensions.
wifi0     no wireless extensions.
ath0      IEEE 802.11g  ESSID:"MARKUS"  Nickname:""
          Mode:Master  Frequency:2.452 GHz  Access Point: 00:19:E0:83:B8:48
          Bit Rate:0 kb/s   Tx-Power:18 dBm   Sensitivity=1/1
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:305B-9BB1-64D0-D6B4-9175-0BD0-FFCD-9005 [3]
          Security mode:open
          Power Management:off
          Link Quality=20/70  Signal level=-76 dBm  Noise level=-96 dBm
          Rx invalid nwid:8788  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0
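
Added example, not part of the original message and not hostapd's own code: a shell function that scans `hostapd -dd` output for the markers visible in the log above (driver connection failure, final privacy state, stations that associated without a WPA/RSN information element), so a startup script can check more than whether the process is running. The function names, the finding labels and the sample station MAC are assumptions made for this example.

```shell
#!/bin/sh
# Added example: scan hostapd -dd output (madwifi driver) read from stdin.
# Prints one finding per line and returns 1 if there is any finding.
audit_hostapd_log() {
    findings=$(awk '
        /Could not connect to kernel driver/ { driver_fail = 1 }
        # Keep only the last privacy state the driver was given.
        /madwifi_set_privacy: enabled=/ {
            split($0, kv, "enabled="); privacy = kv[2] + 0; seen_privacy = 1
        }
        # "ath0: STA <mac> IEEE 802.11: associated" -> remember the station.
        / IEEE 802\.11: associated$/    { sta = $3 }
        / IEEE 802\.11: disassociated$/ { sta = "" }
        /No WPA\/RSN information element for station/ {
            if (sta != "") no_ie[sta]++
        }
        END {
            if (driver_fail) print "DRIVER_INIT_FAILED"
            if (seen_privacy && privacy == 0) print "PRIVACY_DISABLED"
            for (mac in no_ie) print "ASSOC_WITHOUT_WPA_IE " mac " " no_ie[mac]
        }
    ' | sort)
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample, modelled on the message formats in the log above;
# the station MAC is made up for the example.
sample_log() {
    cat <<'EOF'
madwifi_set_privacy: enabled=0
Could not connect to kernel driver.
madwifi_set_privacy: enabled=1
ath0: STA 02:00:00:00:00:01 IEEE 802.11: associated
No WPA/RSN information element for station!?
ath0: STA 02:00:00:00:00:01 IEEE 802.11: disassociated
ath0: STA 02:00:00:00:00:01 IEEE 802.11: associated
No WPA/RSN information element for station!?
EOF
}

sample_log | audit_hostapd_log || echo "hostapd log has findings"
```
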