]>
Commit | Line | Data |
---|---|---|
d76f5107 | 1 | #!/bin/bash |
1578dae9 MT |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
0e035311 | 5 | # Copyright (C) 2012 IPFire Network Development Team # |
1578dae9 MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
d76f5107 | 21 | |
31670741 MT |
22 | # Sets the global wireless country code. Default is 00 = world. |
23 | WIRELESS_REGULATORY_DOMAIN="00" | |
e9df08ad | 24 | NETWORK_SETTINGS_FILE_PARAMS="${NETWORK_SETTINGS_FILE_PARAMS} WIRELESS_REGULATORY_DOMAIN" |
31670741 | 25 | |
ab9e0fd0 MT |
26 | WIRELESS_REGULATORY_DOMAIN_DATABASE="/usr/lib/crda/regulatory.bin" |
27 | ||
1c9e2fa8 MT |
28 | WIRELESS_DEFAULT_ENCRYPTION_MODE="NONE" |
29 | WIRELESS_VALID_ENCRYPTION_MODES="WPA2-PSK-SHA256 WPA2-PSK \ | |
30 | WPA-PSK-SHA256 WPA-PSK WEP NONE" | |
31 | ||
49958b8c MT |
32 | cli_wireless() { |
33 | local action=${1} | |
34 | shift 1 | |
47feaba1 | 35 | |
49958b8c MT |
36 | case "${action}" in |
37 | network) | |
38 | cli_wireless_network "$@" | |
39 | ;; | |
40 | *) | |
41 | error "Unrecognized argument: ${action}" | |
42 | exit ${EXIT_ERROR} | |
43 | ;; | |
44 | esac | |
45 | } | |
47feaba1 | 46 | |
1c6a4e30 | 47 | wireless_create() { |
d76f5107 | 48 | local device=${1} |
d76f5107 | 49 | assert isset device |
22a61046 | 50 | shift |
d76f5107 | 51 | |
22a61046 | 52 | local address |
9170fc35 | 53 | local channel |
22a61046 MT |
54 | local phy |
55 | local type="managed" | |
56 | ||
57 | while [ $# -gt 0 ]; do | |
58 | case "${1}" in | |
59 | --address=*) | |
2212045f | 60 | address=$(cli_get_val "${1}") |
22a61046 | 61 | ;; |
9170fc35 MT |
62 | --channel=*) |
63 | channel=$(cli_get_val "${1}") | |
64 | ;; | |
22a61046 | 65 | --phy=*) |
2212045f | 66 | phy=$(cli_get_val "${1}") |
22a61046 MT |
67 | phy=$(phy_get ${phy}) |
68 | ;; | |
69 | --type=*) | |
2212045f | 70 | type=$(cli_get_val "${1}") |
22a61046 MT |
71 | |
72 | # ap --> __ap | |
73 | [ "${type}" = "ap" ] && type="__ap" | |
74 | ;; | |
75 | *) | |
76 | error "Unrecognized argument: ${1}" | |
77 | return ${EXIT_ERROR} | |
78 | ;; | |
79 | esac | |
80 | shift | |
81 | done | |
d76f5107 | 82 | |
be5ddfb5 MT |
83 | case "${type}" in |
84 | ibss|managed|monitor|__ap) | |
85 | ;; | |
86 | mesh-point) | |
87 | type="mp" | |
88 | ;; | |
89 | *) | |
90 | log ERROR "Unknown type: ${type}" | |
91 | return ${EXIT_ERROR} | |
92 | ;; | |
93 | ||
94 | esac | |
95 | ||
22a61046 MT |
96 | assert phy_exists ${phy} |
97 | isset address || address=$(mac_generate) | |
98 | ||
99 | cmd_quiet iw phy ${phy} interface add ${device} type ${type} | |
100 | local ret=$? | |
d76f5107 | 101 | |
22a61046 MT |
102 | if [ ${ret} -eq ${EXIT_OK} ]; then |
103 | log DEBUG "created wireless device '${device}' (${type})" | |
d76f5107 | 104 | |
22a61046 MT |
105 | if isset address; then |
106 | device_set_address ${device} ${address} | |
107 | fi | |
108 | else | |
109 | log ERROR "could not create wireless device '${device}' (${type}): ${ret}" | |
d76f5107 MT |
110 | fi |
111 | ||
9170fc35 MT |
112 | # Set the channel |
113 | if isset channel; then | |
114 | wireless_set_channel "${device}" "${channel}" || return $? | |
115 | fi | |
116 | ||
22a61046 | 117 | return ${ret} |
d76f5107 MT |
118 | } |
119 | ||
1c6a4e30 | 120 | wireless_remove() { |
d76f5107 | 121 | local device=${1} |
22a61046 | 122 | assert isset device |
d76f5107 | 123 | |
22a61046 MT |
124 | if ! device_exists ${device}; then |
125 | return ${EXIT_OK} | |
126 | fi | |
d76f5107 | 127 | |
22a61046 | 128 | # Tear down the device (if necessary). |
d76f5107 MT |
129 | device_set_down ${device} |
130 | ||
22a61046 MT |
131 | # Remove it. |
132 | cmd_quiet iw dev ${device} del | |
133 | local ret=$? | |
134 | ||
135 | if [ ${ret} -eq ${EXIT_OK} ]; then | |
136 | log DEBUG "removed wireless device '${device}'" | |
137 | else | |
138 | log ERROR "could not remove wireless device '${device}': ${ret}" | |
139 | fi | |
140 | ||
141 | return ${ret} | |
d76f5107 MT |
142 | } |
143 | ||
1c6a4e30 | 144 | wireless_get_reg_domain() { |
31670741 MT |
145 | # Returns the country code for the wireless device. |
146 | # Defaults to 00 = world if unset. | |
147 | print "${WIRELESS_REGULATORY_DOMAIN:-00}" | |
148 | } | |
149 | ||
1c6a4e30 | 150 | wireless_init_reg_domain() { |
31670741 MT |
151 | local country_code="$(wireless_get_reg_domain)" |
152 | ||
06a6f01e | 153 | wireless_set_reg_domain "${country_code}" --no-reset |
31670741 MT |
154 | } |
155 | ||
1c6a4e30 | 156 | wireless_set_reg_domain() { |
06a6f01e MT |
157 | local country_code |
158 | local reset="true" | |
159 | ||
160 | while [ $# -gt 0 ]; do | |
161 | case "${1}" in | |
162 | --no-reset) | |
163 | reset="false" | |
164 | ;; | |
165 | -*) | |
166 | log ERROR "Ignoring invalid option: ${1}" | |
167 | ;; | |
168 | *) | |
169 | country_code="${1}" | |
170 | ;; | |
171 | esac | |
172 | shift | |
173 | done | |
174 | ||
ab9e0fd0 MT |
175 | # Check if configuration value is valid |
176 | if ! wireless_valid_reg_domain "${country_code}"; then | |
177 | log ERROR "Invalid wireless regulatory domain: ${country_code}" | |
178 | return ${EXIT_ERROR} | |
179 | fi | |
31670741 MT |
180 | |
181 | # Before the wireless reg domain is set, it helps to reset to 00 first. | |
06a6f01e MT |
182 | if enabled reset; then |
183 | iw reg set 00 &>/dev/null | |
184 | fi | |
31670741 MT |
185 | |
186 | log INFO "Setting wireless regulatory domain country to '${country_code}'" | |
187 | iw reg set "${country_code}" | |
188 | } | |
189 | ||
ab9e0fd0 MT |
190 | wireless_valid_reg_domain() { |
191 | local country_code="${1}" | |
192 | ||
193 | # Empty country codes are invalid | |
194 | isset country_code || return ${EXIT_FALSE} | |
195 | ||
196 | local valid_country_codes="$(wireless_list_reg_domains)" | |
197 | ||
198 | if list_match "${country_code}" ${valid_country_codes}; then | |
199 | return ${EXIT_TRUE} | |
200 | fi | |
201 | ||
202 | return ${EXIT_FALSE} | |
203 | } | |
204 | ||
205 | wireless_list_reg_domains() { | |
206 | if [ ! -r "${WIRELESS_REGULATORY_DOMAIN_DATABASE}" ]; then | |
207 | log ERROR "Could not read ${WIRELESS_REGULATORY_DOMAIN_DATABASE}" | |
208 | return ${EXIT_ERROR} | |
209 | fi | |
210 | ||
211 | local line | |
212 | while read line; do | |
213 | # Check if line starts with "country" | |
214 | [ "${line:0:7}" = "country" ] || continue | |
215 | ||
216 | # Print country code | |
217 | print "${line:8:2}" | |
218 | done <<< "$(regdbdump ${WIRELESS_REGULATORY_DOMAIN_DATABASE})" | |
219 | } | |
220 | ||
f8b7f135 | 221 | # http://en.wikipedia.org/wiki/List_of_WLAN_channels |
1c6a4e30 | 222 | wireless_channel_to_frequency() { |
91987cc5 | 223 | local channel=${1} |
91987cc5 | 224 | |
f8b7f135 MT |
225 | # Works only for valid channel numbers |
226 | if ! wireless_channel_is_valid "${channel}"; then | |
227 | log ERROR "Invalid wireless channel: ${channel}" | |
228 | return ${EXIT_ERROR} | |
229 | fi | |
91987cc5 MT |
230 | |
231 | # 2.4 GHz band | |
232 | case "${channel}" in | |
233 | [123456789]|1[0123]) | |
234 | print "$(( 2407 + (${channel} * 5)))" | |
235 | return ${EXIT_OK} | |
236 | ;; | |
237 | 14) | |
238 | print "2484" | |
239 | return ${EXIT_OK} | |
240 | ;; | |
241 | esac | |
242 | ||
243 | # 5 GHz band | |
244 | case "${channel}" in | |
245 | 3[68]|4[02468]|5[26]|6[04]|10[048]|11[26]|12[048]|13[26]|14[09]|15[37]|16[15]) | |
246 | print "$(( 5000 + (${channel} * 5)))" | |
247 | return ${EXIT_OK} | |
248 | ;; | |
249 | esac | |
250 | ||
251 | return ${EXIT_ERROR} | |
252 | } | |
253 | ||
97877f23 MT |
254 | wireless_frequency_to_channel() { |
255 | local frequency=${1} | |
256 | ||
257 | assert isinteger frequency | |
258 | ||
259 | # Everything that is too high | |
260 | if [ ${frequency} -gt 5825 ]; then | |
261 | return ${EXIT_ERROR} | |
262 | ||
263 | # 5 GHz Band | |
264 | elif [ ${frequency} -gt 5000 ]; then | |
265 | (( frequency = frequency - 5000 )) | |
266 | ||
267 | # Must be divisible by 5 | |
268 | [ "$(( frequency % 5 ))" -ne 0 ] && return ${EXIT_ERROR} | |
269 | ||
270 | print "$(( frequency / 5 ))" | |
271 | ||
272 | # 2.4 GHz Band - Channel 14 | |
273 | elif [ ${frequency} -eq 2484 ]; then | |
274 | print "14" | |
275 | ||
276 | # 2.4 GHz Band | |
277 | elif [ ${frequency} -gt 2407 ]; then | |
278 | (( frequency = frequency - 2407 )) | |
279 | ||
280 | # Must be divisible by 5 | |
281 | [ "$(( frequency % 5 ))" -ne 0 ] && return ${EXIT_ERROR} | |
282 | ||
283 | print "$(( frequency / 5 ))" | |
284 | ||
285 | # Everything else | |
286 | else | |
287 | return ${EXIT_ERROR} | |
288 | fi | |
289 | ||
290 | return ${EXIT_OK} | |
291 | } | |
292 | ||
f8b7f135 MT |
293 | wireless_channel_is_valid() { |
294 | local channel=${1} | |
295 | ||
296 | case "${channel}" in | |
297 | # 2.4 GHz Band | |
298 | [123456789]|1[0123]|14) | |
299 | return ${EXIT_TRUE} | |
300 | ;; | |
301 | ||
302 | # 5 GHz Band | |
303 | 3[68]|4[02468]|5[26]|6[04]|10[048]|11[26]|12[048]|13[26]|14[09]|15[37]|16[15]) | |
304 | return ${EXIT_TRUE} | |
305 | ;; | |
306 | esac | |
307 | ||
308 | # Invalid channel number given | |
309 | return ${EXIT_FALSE} | |
310 | } | |
311 | ||
1c6a4e30 | 312 | wireless_set_channel() { |
d76f5107 | 313 | local device=${1} |
22a61046 | 314 | local channel=${2} |
d76f5107 | 315 | |
f8b7f135 MT |
316 | # Check if the device exists |
317 | if ! device_exists "${device}"; then | |
318 | log ERROR "No such device: ${device}" | |
319 | return ${EXIT_ERROR} | |
320 | fi | |
321 | ||
322 | # Check if the channel number is valid | |
323 | if ! wireless_channel_is_valid "${channel}"; then | |
324 | log ERROR "Invalid wireless channel: ${channel}" | |
325 | return ${EXIT_ERROR} | |
326 | fi | |
22a61046 | 327 | |
5a38ea84 | 328 | log DEBUG "Setting wireless channel on device '${device}' to channel '${channel}'" |
f8b7f135 | 329 | cmd iw dev "${device}" set channel "${channel}" |
d76f5107 | 330 | } |
91987cc5 | 331 | |
549c5b97 MT |
332 | wireless_pre_shared_key_is_valid() { |
333 | local encryption_mode="${1}" | |
334 | local psk="${2}" | |
335 | ||
336 | # Length of the PSK | |
337 | local l="${#psk}" | |
338 | ||
339 | case "${encryption_mode}" in | |
340 | # For WPA*, the key must be between 8 and 63 chars | |
341 | WPA2-PSK|WPA2-PSK-SHA256|WPA-PSK|WPA-PSK-SHA256) | |
342 | if [ ${l} -ge 8 ] && [ ${l} -le 63 ]; then | |
343 | return ${EXIT_TRUE} | |
344 | fi | |
345 | ||
346 | return ${EXIT_FALSE} | |
347 | ;; | |
348 | ||
349 | WEP) | |
350 | # XXX need to check if the key is entered in | |
351 | # hex or ascii and then count the bytes | |
352 | ;; | |
353 | esac | |
354 | ||
355 | return ${EXIT_ERROR} | |
356 | } | |
357 | ||
1c6a4e30 | 358 | wireless_ibss_join() { |
91987cc5 MT |
359 | local device=${1} |
360 | assert isset device | |
361 | shift | |
362 | ||
363 | local bssid | |
364 | local essid | |
365 | local frequency | |
366 | ||
367 | while [ $# -gt 0 ]; do | |
368 | case "${1}" in | |
369 | --bssid=*) | |
2212045f | 370 | bssid="$(cli_get_val "${1}")" |
91987cc5 MT |
371 | ;; |
372 | --essid=*) | |
2212045f | 373 | essid="$(cli_get_val "${1}")" |
91987cc5 MT |
374 | ;; |
375 | --channel=*) | |
2212045f | 376 | local channel="$(cli_get_val "${1}")" |
91987cc5 MT |
377 | |
378 | # Save the frequency of the channel instead | |
379 | # of the channel itself. | |
380 | if isset channel; then | |
381 | frequency="$(wireless_channel_to_frequency ${channel})" | |
382 | fi | |
383 | ;; | |
384 | esac | |
385 | shift | |
386 | done | |
387 | ||
388 | # Check input. | |
389 | assert ismac bssid | |
390 | assert isset essid | |
391 | assert isinteger frequency | |
392 | ||
393 | # Set device up. | |
394 | device_set_up "${device}" | |
395 | ||
396 | log INFO "${device} joining ibss network: ${essid} (${bssid})" | |
397 | cmd_quiet iw dev "${device}" ibss join "${essid}" \ | |
398 | "${frequency}" fixed-freq "${bssid}" | |
399 | } | |
400 | ||
1c6a4e30 | 401 | wireless_ibss_leave() { |
91987cc5 MT |
402 | local device=${1} |
403 | assert isset device | |
404 | ||
405 | log INFO "${device} leaving ibss network" | |
406 | cmd_quiet iw dev "${device}" ibss leave | |
407 | } | |
646ae5b2 | 408 | |
1c6a4e30 | 409 | wireless_is_radar_frequency() { |
646ae5b2 MT |
410 | local frequency="${1}" |
411 | assert isset frequency | |
412 | ||
413 | [[ ${frequency} -ge 5260 ]] && [[ ${frequency} -le 5700 ]] | |
414 | } | |
5a38ea84 | 415 | |
1c6a4e30 | 416 | wireless_monitor() { |
5a38ea84 MT |
417 | local device="${1}" |
418 | assert isset device | |
419 | shift | |
420 | ||
a23fdc0e | 421 | local monitor_device="$(port_find_free "${PORT_PATTERN_WIRELESS_MONITOR}")" |
5a38ea84 MT |
422 | |
423 | # Create an 802.11 monitoring device | |
424 | wireless_create "${monitor_device}" --phy="${device}" --type="monitor" | |
425 | local ret=$? | |
426 | ||
427 | case "${ret}" in | |
428 | 0) | |
429 | # Bring up the device | |
430 | device_set_up "${monitor_device}" | |
431 | ||
432 | # Starting tcpdump | |
433 | tcpdump -i "${monitor_device}" "$@" | |
434 | ||
435 | # Remove the monitoring interface. | |
436 | wireless_remove "${monitor_device}" | |
437 | ;; | |
438 | ||
439 | *) | |
440 | log ERROR "Could not create a monitoring interface on ${device}" | |
441 | return ${EXIT_ERROR} | |
442 | ;; | |
443 | esac | |
444 | ||
445 | return ${EXIT_OK} | |
446 | } |