wpa_supplicant && ipfilter && FreeBSD 6.0-REL

This is a discussion on wpa_supplicant && ipfilter && FreeBSD 6.0-REL within the IPFilter forums, part of the System Security and Security Related category; Hello, I'm using ipfilter v4.1.8 in FreeBSD 6.0-REL to protect my laptop while traveling around ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page wpa_supplicant && ipfilter && FreeBSD 6.0-REL

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-11-2006
Matthias Apitz
 
Posts: n/a
Default wpa_supplicant && ipfilter && FreeBSD 6.0-REL

Hello,

I'm using ipfilter v4.1.8 in FreeBSD 6.0-REL to protect my
laptop while traveling around or at home when I'm connected
with Wi-Fi to the Internet.

At home I'm accessing my access point only with WEP security
and ipfilter / ipnat works fine and as expected.

In my office recently we installed an AP as well with WPA-PSK security
and when I launched it for the 1st time it did not work and I was
thinking in a some how missconfigured AP or W-LAN interface in my
laptop. After hours it turned out, that it works fine but only
when I remove the ipfilter with '/sbin/ipf -D' or if I remove the
entry for ipfilter from the boot file /etc/rc.conf.

It even does not work with a very simple /etc/ipf.rules file like:


#
# No restrictions on Wi-Fi
#
pass out quick on iwi0 all
pass in quick on iwi0 all

#
# No restrictions on Loopback Interface
#
pass in quick on lo0 all
pass out quick on lo0 all

The Wi-Fi itselft comes up after booting with a script:

#!/bin/sh
#

kldload -v wlan_acl wlan_wep wlan_ccmp wlan_tkip

ifconfig bge0 down
ifconfig bge0 inet 222.222.222.222
route delete default

wpa_supplicant -B -i iwi0 -c /etc/wpa_supplicant.conf

sleep 1
ifconfig iwi0 inet 193.31.10.34 netmask 255.255.255.224
route add default 193.31.10.58

The interface iwi0 gets associated fine without any problem
but traffic does not go out.

I have the following kernel mods loaded:

# kldstat
Id Refs Address Size Name
1 25 0xc0400000 63070c kernel
2 1 0xc0a31000 4d08 if_tap.ko
3 1 0xc0a36000 57c8 snd_ich.ko
4 2 0xc0a3c000 1d408 sound.ko
5 1 0xc0a5a000 a30c if_iwi.ko
6 1 0xc0a65000 2c90 wlan_wep.ko
7 1 0xc0a68000 4ac8 atapicam.ko
8 16 0xc0a6d000 568dc acpi.ko
9 1 0xc27c5000 2a000 ipl.ko
10 1 0xc2916000 15000 linux.ko
11 1 0xc2d13000 3000 wlan_acl.ko
12 1 0xc2d1e000 7000 wlan_ccmp.ko
13 1 0xc2d25000 4000 wlan_tkip.ko

What could be the problem with the ipfilter?
Thx

matthias

--
Matthias Apitz
Manager Technical Support - OCLC PICA GmbH
Gruenwalder Weg 28g - 82041 Oberhaching - Germany
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <m.apitz@oclcpica.org> - w http://www.oclcpica.org/ http://guru.UnixLand.de/
Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 04:03 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0