]>
Commit | Line | Data |
---|---|---|
0e035311 MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
49ec20d8 | 22 | HOSTAPD_CONTROL_INTERFACE_DIR="/run/hostapd/ctrl" |
0e035311 | 23 | |
6c262922 MT |
24 | HOSTAPD_SUPPORTED_MODES="802.11a 802.11a/n 802.11ac 802.11g 802.11g/n" |
25 | ||
1c6a4e30 | 26 | hostapd_config_write() { |
0e035311 | 27 | local device=${1} |
49ec20d8 | 28 | assert isset device |
0e035311 | 29 | |
49ec20d8 MT |
30 | local file=${2} |
31 | assert isset file | |
32 | ||
33 | # Shift the device and file argument. | |
34 | shift 2 | |
0e035311 MT |
35 | |
36 | local broadcast_ssid | |
37 | local channel | |
f9e980d9 | 38 | local channel_bandwidth |
31670741 | 39 | local country_code="$(wireless_get_reg_domain)" |
7b297fb2 | 40 | local dfs="on" |
0e035311 MT |
41 | local encryption |
42 | local key | |
43 | local mode | |
44 | local ssid | |
19c166f8 | 45 | local wmm="1" |
0e035311 MT |
46 | |
47 | while [ $# -gt 0 ]; do | |
48 | case "${1}" in | |
49 | --broadcast-ssid=*) | |
2212045f | 50 | broadcast_ssid=$(cli_get_val "${1}") |
0e035311 MT |
51 | ;; |
52 | --channel=*) | |
2212045f | 53 | channel=$(cli_get_val "${1}") |
0e035311 | 54 | ;; |
f9e980d9 MT |
55 | --channel-bandwidth=*) |
56 | channel_bandwidth="$(cli_get_val "${1}")" | |
57 | ;; | |
7b297fb2 MT |
58 | --dfs=*) |
59 | dfs="$(cli_get_val "${1}")" | |
60 | ;; | |
0e035311 | 61 | --encryption=*) |
2212045f | 62 | encryption=$(cli_get_val "${1}") |
0e035311 MT |
63 | ;; |
64 | --key=*) | |
2212045f | 65 | key=$(cli_get_val "${1}") |
0e035311 | 66 | ;; |
4cfc085f | 67 | --mode=*) |
2212045f | 68 | mode=$(cli_get_val "${1}") |
6c262922 MT |
69 | |
70 | if ! isoneof mode ${HOSTAPD_SUPPORTED_MODES}; then | |
71 | error "Unsupported mode: ${mode}" | |
72 | return ${EXIT_ERROR} | |
73 | fi | |
4cfc085f MT |
74 | ;; |
75 | --ssid=*) | |
2212045f | 76 | ssid=$(cli_get_val "${1}") |
4cfc085f | 77 | ;; |
19c166f8 MT |
78 | --wmm=*) |
79 | local val="$(cli_get_val "${1}")" | |
80 | if enabled val; then | |
81 | wmm="1" | |
82 | else | |
83 | wmm="0" | |
84 | fi | |
85 | ;; | |
0e035311 MT |
86 | *) |
87 | warning_log "Ignoring unknown argument '${1}'." | |
88 | ;; | |
89 | esac | |
90 | shift | |
91 | done | |
92 | ||
6c262922 MT |
93 | # Check if mode is set |
94 | if ! isset mode; then | |
95 | error "Mode is not set" | |
96 | return ${EXIT_ERROR} | |
97 | fi | |
98 | ||
0e035311 MT |
99 | assert isset broadcast_ssid |
100 | assert isbool broadcast_ssid | |
101 | ||
102 | assert isset channel | |
103 | assert isinteger channel | |
104 | ||
0e035311 MT |
105 | assert isset mode |
106 | assert isset ssid | |
107 | ||
108 | # Check if key is set when encryption is used. | |
109 | if isset encryption; then | |
110 | assert isoneof encryption WPA WPA2 WPA/WPA2 | |
111 | assert isset key | |
112 | fi | |
113 | ||
1b4aa2ca MT |
114 | # With channel 0, ACS must be supported |
115 | if [ ${channel} -eq 0 ] && ! wireless_supports_acs "${device}"; then | |
116 | error "ACS requested, but not supported by ${device}" | |
117 | return ${EXIT_ERROR} | |
118 | fi | |
119 | ||
f9e980d9 MT |
120 | # Check channel bandwidth for validity |
121 | if isset channel_bandwidth && ! wireless_channel_bandwidth_is_valid "${mode}" "${channel_bandwidth}"; then | |
122 | error "Invalid channel bandwidth for ${mode}: ${channel_bandwidth}" | |
123 | return ${EXIT_ERROR} | |
124 | fi | |
125 | ||
6c262922 MT |
126 | # 802.11ac/n flags |
127 | local ieee80211ac | |
128 | local ieee80211n | |
129 | local vht_caps | |
f9e980d9 | 130 | local vht_oper_chwidth="0" |
6c262922 MT |
131 | local ht_caps |
132 | ||
133 | local hw_mode | |
134 | case "${mode}" in | |
135 | 802.11a) | |
136 | hw_mode="a" | |
137 | ;; | |
138 | ||
139 | 802.11a/n) | |
140 | hw_mode="a" | |
141 | ieee80211n="1" | |
142 | ||
143 | # Fetch HT caps | |
144 | ht_caps="$(wireless_get_ht_caps "${device}")" | |
145 | ;; | |
146 | ||
147 | 802.11g) | |
148 | hw_mode="g" | |
149 | ;; | |
150 | ||
151 | 802.11g/n) | |
152 | hw_mode="g" | |
153 | ieee80211n="1" | |
154 | ||
155 | # Fetch HT caps | |
156 | ht_caps="$(wireless_get_ht_caps "${device}")" | |
157 | ;; | |
158 | ||
159 | 802.11ac) | |
160 | hw_mode="a" | |
161 | ieee80211ac="1" | |
162 | ieee80211n="1" | |
163 | ||
164 | # Fetch VHT caps | |
165 | vht_caps="$(wireless_get_vht_caps "${device}")" | |
1526e219 | 166 | |
6c262922 MT |
167 | # Fetch HT caps |
168 | ht_caps="$(wireless_get_ht_caps "${device}")" | |
f9e980d9 MT |
169 | |
170 | case "${channel_bandwidth}" in | |
171 | 80) | |
172 | vht_oper_chwidth="1" | |
173 | ;; | |
174 | 160) | |
175 | vht_oper_chwidth="2" | |
176 | ;; | |
177 | 80+80) | |
178 | vht_oper_chwidth="3" | |
179 | ;; | |
180 | esac | |
6c262922 MT |
181 | ;; |
182 | esac | |
0e1c630c | 183 | |
49ec20d8 MT |
184 | # Create configuration directory. |
185 | local config_dir=$(dirname ${file}) | |
186 | mkdir -p ${HOSTAPD_CONTROL_INTERFACE_DIR} ${config_dir} 2>/dev/null | |
187 | ||
188 | config_header "hostapd" > ${file} | |
189 | ||
190 | # Interface configuration | |
191 | ( | |
192 | print "# Interface configuration" | |
193 | print "driver=nl80211" | |
194 | print "interface=${device}" | |
195 | ||
196 | ) >> ${file} | |
197 | ||
198 | # Wireless configuration | |
0e035311 MT |
199 | local ignore_broadcast_ssid |
200 | if enabled broadcast_ssid; then | |
201 | ignore_broadcast_ssid="0" | |
202 | else | |
203 | ignore_broadcast_ssid="1" | |
204 | fi | |
205 | ||
49ec20d8 | 206 | ( |
b6ec3dd6 MT |
207 | print "# Default settings" |
208 | ||
209 | # Advertise country code and maximum transmission power | |
210 | print "ieee80211d=1" | |
211 | ||
6c262922 | 212 | # Enable Radar Detection |
dc6d97fb | 213 | if enabled dfs && wireless_supports_dfs "${device}"; then |
7b297fb2 MT |
214 | print "ieee80211h=1" |
215 | else | |
216 | print "ieee80211h=0" | |
217 | fi | |
6c262922 MT |
218 | |
219 | print # empty line | |
220 | ||
49ec20d8 | 221 | print "# Wireless configuration" |
6c262922 MT |
222 | print "hw_mode=${hw_mode}" |
223 | ||
224 | if isset ieee80211ac; then | |
225 | print "ieee80211ac=${ieee80211ac}" | |
226 | fi | |
227 | ||
228 | if isset ieee80211n; then | |
229 | print "ieee80211n=${ieee80211n}" | |
230 | fi | |
231 | ||
49ec20d8 MT |
232 | print "channel=${channel}" |
233 | print "country_code=${country_code}" | |
49ec20d8 | 234 | print "ignore_broadcast_ssid=${ignore_broadcast_ssid}" |
0e035311 | 235 | |
49ec20d8 MT |
236 | if contains_spaces "${ssid}"; then |
237 | print "ssid=\"${ssid}\"" | |
238 | else | |
239 | print "ssid=${ssid}" | |
240 | fi | |
0e035311 | 241 | |
19c166f8 MT |
242 | # WMM |
243 | print "wmm_enabled=${wmm}" | |
244 | ||
1526e219 MT |
245 | # Enable VHT caps |
246 | if isset vht_caps; then | |
247 | print "vht_capab=${vht_caps}" | |
248 | fi | |
249 | ||
0e1c630c MT |
250 | # Enable HT caps |
251 | print "ht_capab=${ht_caps}" | |
252 | ||
f9e980d9 MT |
253 | # Wider Channels |
254 | print "vht_oper_chwidth=${vht_oper_chwidth}" | |
255 | ||
49ec20d8 MT |
256 | |
257 | ) >> ${file} | |
0e035311 | 258 | |
49ec20d8 MT |
259 | # Control interface. |
260 | ( | |
261 | print "# Control interface" | |
262 | print "ctrl_interface=${HOSTAPD_CONTROL_INTERFACE_DIR}" | |
263 | print "ctrl_interface_group=0" | |
264 | ||
265 | ) >> ${file} | |
0e035311 | 266 | |
49ec20d8 | 267 | # Encryption settings |
0e035311 MT |
268 | if isset encryption; then |
269 | local encryption_mode=0 | |
270 | case "${encryption}" in | |
271 | WPA) | |
272 | encryption_mode=1 | |
273 | ;; | |
274 | WPA2) | |
275 | encryption_mode=2 | |
276 | ;; | |
277 | WPA/WPA2) | |
278 | encryption_mode=3 | |
279 | ;; | |
280 | esac | |
281 | ||
49ec20d8 MT |
282 | ( |
283 | print "# Encryption settings" | |
284 | print "wpa=${encryption_mode}" | |
285 | print "wpa_passphrase=${key}" | |
286 | print "wpa_key_mgmt=WPA-PSK" | |
287 | print "wpa_pairwise=TKIP" | |
288 | print "rsn_pairwise=CCMP" | |
289 | ||
290 | ) >> ${file} | |
0e035311 MT |
291 | fi |
292 | ||
293 | return ${EXIT_OK} | |
294 | } | |
295 | ||
1c6a4e30 | 296 | hostapd_start() { |
0e035311 | 297 | local device=${1} |
0e035311 MT |
298 | assert isset device |
299 | ||
0e035311 MT |
300 | service_start "hostapd@${device}.service" |
301 | local ret=$? | |
302 | ||
49ec20d8 MT |
303 | if [ ${ret} -eq ${EXIT_OK} ]; then |
304 | log DEBUG "hostapd has been successfully started on '${device}'" | |
305 | else | |
306 | log ERROR "Could not start hostapd on '${device}': ${ret}" | |
307 | return ${EXIT_ERROR} | |
308 | fi | |
309 | ||
310 | return ${EXIT_OK} | |
0e035311 MT |
311 | } |
312 | ||
1c6a4e30 | 313 | hostapd_stop() { |
0e035311 MT |
314 | local device=${1} |
315 | assert isset device | |
316 | ||
317 | service_stop "hostapd@${device}.service" | |
0e035311 | 318 | } |