how i got my wireless network up

Part the first: my system

I have a local wired network, half a dozen computers when they're all turned on.

One (aging) machine is the server - always on, samba ftp apache that sort of stuff. It has three 10/100 cards, only one of them really important, but they all work when i need them.

running debian with kernel 2.4.20

all IP addresses are obtained by by dhcp from an ADSL modem/router

The house has one laptop, well two really but one lives on a desk with an ethernet cable

I bought a wireless card from a friend who didn't need it (it had mac drivers, which is another long story), so i decideed to get a wireless PCI card for the server, which lives up on a wall where i thought the reception would be pretty good. i looked around the various linux hardware compatibility lists, and bought the third-cheapest card available. Advertised at my favourite online computer shop as an SMC2602W v2

Part the second: the card

Unfortunately I threw out the box, but it looked like they do, and it said SMC2602W v2 on it, I promise.

SMC2602W
The sticker on the PCI card says it's an SMC2602W, but no revision number there.

38928689 REV2A
but it says Rev 2A on the circuit board...

LLM0025MC2602W
the FCC ID is LLM0025MC2602W

PCI9052
and the PCI to PCMCIA interface chip is a 9052

SMC2632W
The PCMCIA card is an SMC2632W.

0004E21E08F6 2632W
And I don't know if this could possibly be any use to anyone, but the barcode on the PCMCIA card is 0004E21E08F6

Part the third: the pain

I spent a long time following all sorts of wrong instructions, before realising that revision 2A is different from revision 2.

it's actually a prism card, and it works with the orinoco drivers

but the drivers didn't report the signal strength properly, so i still thought it wasn't working. you must have faith. it looks like there's no signal, you can't move any data, but there may still be a connection.

Try this:

set essid MYNETWORK # on the server and the laptop

set mode ad-hoc

now the laptop should report signal.

even if everything is ok, you will have no connection yet because you haven't set up the IP addresses and stuff. It took me a week to get from here to the full network.

i wanted the laptop (and any others who come visiting) to get their ip addresses by dhcp, and become a seamless part of the wired network

edit /etc/network/interfaces

** hopefully i'll finish this section one day, but it was a blind alley and i ended up not using dhcp anyway... ***

anyway, eventually, i had the laptop and the server talking to each other, but it didn't seem very reliable, and suddenly i got thousands of these errors:

error -110 writing Tx descriptor to BAP

the terminal was unusable, it wouldn't accept keyboard input - but fortunately i had just got eth0 up, so i could ssh in and continue to work from my desktop (while i watched the server screen flicker)

--i can't remember what i did then, but i suspect it was something like rmmod orinoco or rmmod hermes.

after a lot more searching i found out something about the driver error

cat /var/log/syslog | grep orinoco

cat /var/log/messages | grep eth

told me that the orinoco driver is version 0.11b

i found this on the debian-laptop archive:

"try upgrading your kernel to 2.4.2x or so, where you'll get 0.13b which i believe fixes this problem"

i also found that the linux-wlan-ng module worked for a few people, and since i was happy with my kernel i decided to try that... but i couldn't insert the kernel modules. it was probably just something simple i was missing, but i decided to move up to kernel 2.4.26

(download new kernel, fix symlinks, make menuconfig...)

select "show experimental drivers" or whatever it is

select network drivers | wireless networking | hermes and PLX thingy

select network stuffs | bridging whatever

installed bridge thingy and wireless thingies and dhcp bridging thingy

This upgrade surprisingly worked straight away, and didn't break anything else (i am using debian though). the server and the laptop could see each other, and the pc thought it could communicate with the laptop...

but the laptop couldn't talk to the server, and i found that i was getting hundreds of RX packet errors and thousands of TX packet errors

it took me a lot of searching to find anything helpful, so i include a typical output from ifconfig:

eth2 blah blah

inet addr:blah blah

UP blah blah

RX packets:16 errors:330 dropped:330: overruns:0 frame:0

TX packets:0 errors:4360 dropped:4360 overruns:0 carrier:0

blah blah

eventually i wondered about this message in dmesg:

Intersil firmware earlier than v0.08 - several features not supported

and i thought, maybe one of the unsupported features is actual communication with another device??

Part the fourth: the road home

I went searching for a firmware upgrade. this man helped

http://dhirajbhuyan.hypermart.net/prism-hostap.html

and so did the very helpful JunSun

http://linux.junsun.net/intersil-prism

it seems the hostap driver comes with a firmware upgrading tool

so i installed hostap (using dselect),

cd /usr/src

tar -zxvf hostap-source.tar.gz

cd modules/hostap-source

make

make install

make install_plx

reboot

(and each time you compile the kernel, you have to do it all again)

i don't know if i really needed to do all that. i also removed the orinoco driver from my kernel (compiled it as a module again) and selected general setup - support for hotpluggable devices - PCMCIA support (as a module)

i don't know whether i had to do that either though.

modprobe hostap_plx should have worked, but it didn't.

insmod hostap_plx worked though, and now i know this:

wlan0: NIC: id=0x8002 v1.0.0

wlan0: PRI: id=0x15 v0.3.0

wlan0: STA: id=0x1f v0.7.6

according to our friend mr sun, the latest primary firmware version is 0.3.0, which is good. but the station version is up to v1.8.0 which is a long way ahead of me. unfortunately the IDtable has just about every number and letter except 8002, which leaves us a bit in the dark but we'll push on regardless.

I found this reply to jun sun:

linux.junsun.net/intersil-prism/stories/Sassi-Sahbi_SMC_SMC2602W

so i downloaded s1010701.hex

realised that the debian hostap package has been seperated from the hostap utilities package, and installed hostap utilities followed jun sun's instructions, crossed my fingers, and typed

prism2_srec -v -f wlan0 /foo/bah/s1010701.hex

it worked.

but i couldn't get the orinoco drivers to work now - no signal at all on the laptop.

so i went back to hostap (modprobe hostap_plx, which worked this time) and finally i could make a connection to the laptop.

so i went back to the bridging setup. it took me a while to work out that my mac only requested an address via dhcp when it needed to make a connection. so i spent a long time looking at a dialog which read

"obtain an address by DHCP (ticked) : IP address will be supplied"

so i worked that out, now i've got an IP address, tcpdump -i br0 shows the dhcp request and reply.... but no other traffic passes through the interface. my tcpdump is full of "arp who-has [the address my laptop just got] tell [the server]" but it's not telling. arp shows the hardware address as "incomplete"

so...

so close i could smell it,

it took me DAYS to get the nat translation right.

but here it is, from a thread at linuxquestions.org called 'wireless routing to laptop'

first, a diagram:

                          puter
                            |
            DSL modem       |
internet --- inc. NAT/ --- hub --- eth0
                DHCP        |       server
                            |        wlan0 ... laptop    
                          puter                 (mac)

now if that makes any sense, the numbers are:

modem grants DHCP addresses 10.1.1.x, so i didn't want the wireless network to interfere with them

i set wlan0 to 192.1.1.2 [ifconfig wlan0 192.1.1.2], and the laptop to 192.1.1.4

laptop gateway ("router address") and Domain Name Server ("name server") are both 192.1.1.2

on the server, (comments in square brackets, CASE is IMPORTANT)

[turn on ip forwarding]

echo 1 > /proc/sys/net/ipv4/ip_forward

[flush ip tables, in case you've been mucking around with them like me]

iptables -F

[set up network address translation between wlan0 (just the one address for now) and the big internet]

iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 192.1.1.4

(repeat that line for all local wireless ip addresses

iptables -A FORWARD -j ACCEPT -i wlan0 -s 192.1.1.0/24

iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

i'm starting to get a bit lost here, but i think iptables defaults to dropping everything, so you have to make the default policies ACCEPT for your other interfaces:

iptables -t filter -P INPUT ACCEPT

iptables -t filter -P OUTPUT ACCEPT

AND FINALLY, AS IF BY MAGIC, I START MY WEB BROWSER ON THE LAPTOP AND I CAN BROWSE THE WEB!!

man that was a long month.

next i'm going to do something easy.

a few final notes though: i haven't bothered to play with encryption and stuff, i figure if the neighbours can break it just by running a sniffer overnight, then what's the point. I prefer protection by obfuscation. the script above means that ONLY 192.1.1.4 will be able to access the network, and there can only be one computer with that address. which means if mine is on (often), noone else can get in. and if it's not, i'll notice activity on the server and come looking for you.

and once it's all working, rather than waiting a month till you restart your box for some other reason and realising you're giong to have to work it all out again,

iptables-save and iptables-restore will save you.

and a few useful commandlines (especially when you get to posting your problem to a newsgroup):

netstat -rn

route -n

iptables -L

ifconfig

iwconfig

that's all for now. i'll format this a bit in the morning and upload it.

-->more of andrew's random projects

Bookmark and Share