]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/bash | |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | # Sets the global wireless country code. Default is 00 = world. | |
23 | WIRELESS_REGULATORY_DOMAIN="00" | |
24 | NETWORK_SETTINGS_FILE_PARAMS="${NETWORK_SETTINGS_FILE_PARAMS} WIRELESS_REGULATORY_DOMAIN" | |
25 | ||
26 | WIRELESS_REGULATORY_DOMAIN_DATABASE="/usr/lib/crda/regulatory.bin" | |
27 | ||
28 | WIRELESS_DEFAULT_ENCRYPTION_MODE="NONE" | |
29 | WIRELESS_VALID_ENCRYPTION_MODES="WPA2-PSK-SHA256 WPA2-PSK \ | |
30 | WPA-PSK-SHA256 WPA-PSK NONE" | |
31 | ||
32 | cli_wireless() { | |
33 | local action=${1} | |
34 | shift 1 | |
35 | ||
36 | case "${action}" in | |
37 | network) | |
38 | cli_wireless_network "$@" | |
39 | ;; | |
40 | *) | |
41 | error "Unrecognized argument: ${action}" | |
42 | exit ${EXIT_ERROR} | |
43 | ;; | |
44 | esac | |
45 | } | |
46 | ||
47 | wireless_create() { | |
48 | local device=${1} | |
49 | assert isset device | |
50 | shift | |
51 | ||
52 | local address | |
53 | local channel | |
54 | local phy | |
55 | local type="managed" | |
56 | ||
57 | while [ $# -gt 0 ]; do | |
58 | case "${1}" in | |
59 | --address=*) | |
60 | address=$(cli_get_val "${1}") | |
61 | ;; | |
62 | --channel=*) | |
63 | channel=$(cli_get_val "${1}") | |
64 | ;; | |
65 | --phy=*) | |
66 | phy=$(cli_get_val "${1}") | |
67 | phy=$(phy_get ${phy}) | |
68 | ;; | |
69 | --type=*) | |
70 | type=$(cli_get_val "${1}") | |
71 | ||
72 | # ap --> __ap | |
73 | [ "${type}" = "ap" ] && type="__ap" | |
74 | ;; | |
75 | *) | |
76 | error "Unrecognized argument: ${1}" | |
77 | return ${EXIT_ERROR} | |
78 | ;; | |
79 | esac | |
80 | shift | |
81 | done | |
82 | ||
83 | case "${type}" in | |
84 | ibss|managed|monitor|__ap) | |
85 | ;; | |
86 | mesh-point) | |
87 | type="mp" | |
88 | ;; | |
89 | *) | |
90 | log ERROR "Unknown type: ${type}" | |
91 | return ${EXIT_ERROR} | |
92 | ;; | |
93 | ||
94 | esac | |
95 | ||
96 | assert phy_exists ${phy} | |
97 | isset address || address=$(mac_generate) | |
98 | ||
99 | cmd_quiet iw phy ${phy} interface add ${device} type ${type} | |
100 | local ret=$? | |
101 | ||
102 | if [ ${ret} -eq ${EXIT_OK} ]; then | |
103 | log DEBUG "created wireless device '${device}' (${type})" | |
104 | ||
105 | if isset address; then | |
106 | device_set_address ${device} ${address} | |
107 | fi | |
108 | else | |
109 | log ERROR "could not create wireless device '${device}' (${type}): ${ret}" | |
110 | fi | |
111 | ||
112 | # Set the channel | |
113 | if isset channel; then | |
114 | wireless_set_channel "${device}" "${channel}" || return $? | |
115 | fi | |
116 | ||
117 | return ${ret} | |
118 | } | |
119 | ||
120 | wireless_remove() { | |
121 | local device=${1} | |
122 | assert isset device | |
123 | ||
124 | if ! device_exists ${device}; then | |
125 | return ${EXIT_OK} | |
126 | fi | |
127 | ||
128 | # Tear down the device (if necessary). | |
129 | device_set_down ${device} | |
130 | ||
131 | # Remove it. | |
132 | cmd_quiet iw dev ${device} del | |
133 | local ret=$? | |
134 | ||
135 | if [ ${ret} -eq ${EXIT_OK} ]; then | |
136 | log DEBUG "removed wireless device '${device}'" | |
137 | else | |
138 | log ERROR "could not remove wireless device '${device}': ${ret}" | |
139 | fi | |
140 | ||
141 | return ${ret} | |
142 | } | |
143 | ||
144 | wireless_get_reg_domain() { | |
145 | # Returns the country code for the wireless device. | |
146 | # Defaults to 00 = world if unset. | |
147 | print "${WIRELESS_REGULATORY_DOMAIN:-00}" | |
148 | } | |
149 | ||
150 | wireless_init_reg_domain() { | |
151 | local country_code="$(wireless_get_reg_domain)" | |
152 | ||
153 | wireless_set_reg_domain "${country_code}" --no-reset | |
154 | } | |
155 | ||
156 | wireless_set_reg_domain() { | |
157 | local country_code | |
158 | local reset="true" | |
159 | ||
160 | while [ $# -gt 0 ]; do | |
161 | case "${1}" in | |
162 | --no-reset) | |
163 | reset="false" | |
164 | ;; | |
165 | -*) | |
166 | log ERROR "Ignoring invalid option: ${1}" | |
167 | ;; | |
168 | *) | |
169 | country_code="${1}" | |
170 | ;; | |
171 | esac | |
172 | shift | |
173 | done | |
174 | ||
175 | # Check if configuration value is valid | |
176 | if ! wireless_valid_reg_domain "${country_code}"; then | |
177 | log ERROR "Invalid wireless regulatory domain: ${country_code}" | |
178 | return ${EXIT_ERROR} | |
179 | fi | |
180 | ||
181 | # Before the wireless reg domain is set, it helps to reset to 00 first. | |
182 | if enabled reset; then | |
183 | iw reg set 00 &>/dev/null | |
184 | fi | |
185 | ||
186 | log INFO "Setting wireless regulatory domain country to '${country_code}'" | |
187 | iw reg set "${country_code}" | |
188 | } | |
189 | ||
190 | wireless_valid_reg_domain() { | |
191 | local country_code="${1}" | |
192 | ||
193 | # Empty country codes are invalid | |
194 | isset country_code || return ${EXIT_FALSE} | |
195 | ||
196 | local valid_country_codes="$(wireless_list_reg_domains)" | |
197 | ||
198 | if list_match "${country_code}" ${valid_country_codes}; then | |
199 | return ${EXIT_TRUE} | |
200 | fi | |
201 | ||
202 | return ${EXIT_FALSE} | |
203 | } | |
204 | ||
205 | wireless_list_reg_domains() { | |
206 | if [ ! -r "${WIRELESS_REGULATORY_DOMAIN_DATABASE}" ]; then | |
207 | log ERROR "Could not read ${WIRELESS_REGULATORY_DOMAIN_DATABASE}" | |
208 | return ${EXIT_ERROR} | |
209 | fi | |
210 | ||
211 | local line | |
212 | while read line; do | |
213 | # Check if line starts with "country" | |
214 | [ "${line:0:7}" = "country" ] || continue | |
215 | ||
216 | # Print country code | |
217 | print "${line:8:2}" | |
218 | done <<< "$(regdbdump ${WIRELESS_REGULATORY_DOMAIN_DATABASE})" | |
219 | } | |
220 | ||
221 | # http://en.wikipedia.org/wiki/List_of_WLAN_channels | |
222 | wireless_channel_to_frequency() { | |
223 | local channel=${1} | |
224 | ||
225 | # Works only for valid channel numbers | |
226 | if ! wireless_channel_is_valid "${channel}"; then | |
227 | log ERROR "Invalid wireless channel: ${channel}" | |
228 | return ${EXIT_ERROR} | |
229 | fi | |
230 | ||
231 | # 2.4 GHz band | |
232 | case "${channel}" in | |
233 | [123456789]|1[0123]) | |
234 | print "$(( 2407 + (${channel} * 5)))" | |
235 | return ${EXIT_OK} | |
236 | ;; | |
237 | 14) | |
238 | print "2484" | |
239 | return ${EXIT_OK} | |
240 | ;; | |
241 | esac | |
242 | ||
243 | # 5 GHz band | |
244 | case "${channel}" in | |
245 | 3[68]|4[02468]|5[26]|6[04]|10[048]|11[26]|12[048]|13[26]|14[09]|15[37]|16[15]) | |
246 | print "$(( 5000 + (${channel} * 5)))" | |
247 | return ${EXIT_OK} | |
248 | ;; | |
249 | esac | |
250 | ||
251 | return ${EXIT_ERROR} | |
252 | } | |
253 | ||
254 | wireless_frequency_to_channel() { | |
255 | local frequency=${1} | |
256 | ||
257 | assert isinteger frequency | |
258 | ||
259 | # Everything that is too high | |
260 | if [ ${frequency} -gt 5825 ]; then | |
261 | return ${EXIT_ERROR} | |
262 | ||
263 | # 5 GHz Band | |
264 | elif [ ${frequency} -gt 5000 ]; then | |
265 | (( frequency = frequency - 5000 )) | |
266 | ||
267 | # Must be divisible by 5 | |
268 | [ "$(( frequency % 5 ))" -ne 0 ] && return ${EXIT_ERROR} | |
269 | ||
270 | print "$(( frequency / 5 ))" | |
271 | ||
272 | # 2.4 GHz Band - Channel 14 | |
273 | elif [ ${frequency} -eq 2484 ]; then | |
274 | print "14" | |
275 | ||
276 | # 2.4 GHz Band | |
277 | elif [ ${frequency} -gt 2407 ]; then | |
278 | (( frequency = frequency - 2407 )) | |
279 | ||
280 | # Must be divisible by 5 | |
281 | [ "$(( frequency % 5 ))" -ne 0 ] && return ${EXIT_ERROR} | |
282 | ||
283 | print "$(( frequency / 5 ))" | |
284 | ||
285 | # Everything else | |
286 | else | |
287 | return ${EXIT_ERROR} | |
288 | fi | |
289 | ||
290 | return ${EXIT_OK} | |
291 | } | |
292 | ||
293 | wireless_channel_is_valid() { | |
294 | local channel=${1} | |
295 | ||
296 | case "${channel}" in | |
297 | # 2.4 GHz Band | |
298 | [123456789]|1[0123]|14) | |
299 | return ${EXIT_TRUE} | |
300 | ;; | |
301 | ||
302 | # 5 GHz Band | |
303 | 3[68]|4[02468]|5[26]|6[04]|10[048]|11[26]|12[048]|13[26]|14[09]|15[37]|16[15]) | |
304 | return ${EXIT_TRUE} | |
305 | ;; | |
306 | esac | |
307 | ||
308 | # Invalid channel number given | |
309 | return ${EXIT_FALSE} | |
310 | } | |
311 | ||
312 | wireless_set_channel() { | |
313 | local device=${1} | |
314 | local channel=${2} | |
315 | ||
316 | # Check if the device exists | |
317 | if ! device_exists "${device}"; then | |
318 | log ERROR "No such device: ${device}" | |
319 | return ${EXIT_ERROR} | |
320 | fi | |
321 | ||
322 | # Check if the channel number is valid | |
323 | if ! wireless_channel_is_valid "${channel}"; then | |
324 | log ERROR "Invalid wireless channel: ${channel}" | |
325 | return ${EXIT_ERROR} | |
326 | fi | |
327 | ||
328 | log DEBUG "Setting wireless channel on device '${device}' to channel '${channel}'" | |
329 | cmd iw dev "${device}" set channel "${channel}" | |
330 | } | |
331 | ||
332 | wireless_pre_shared_key_is_valid() { | |
333 | local encryption_mode="${1}" | |
334 | local psk="${2}" | |
335 | ||
336 | # Length of the PSK | |
337 | local l="${#psk}" | |
338 | ||
339 | case "${encryption_mode}" in | |
340 | # For WPA*, the key must be between 8 and 63 chars | |
341 | WPA2-PSK|WPA2-PSK-SHA256|WPA-PSK|WPA-PSK-SHA256) | |
342 | if [ ${l} -ge 8 ] && [ ${l} -le 63 ]; then | |
343 | return ${EXIT_TRUE} | |
344 | fi | |
345 | ||
346 | return ${EXIT_FALSE} | |
347 | ;; | |
348 | ||
349 | WEP) | |
350 | # XXX need to check if the key is entered in | |
351 | # hex or ascii and then count the bytes | |
352 | ;; | |
353 | esac | |
354 | ||
355 | return ${EXIT_ERROR} | |
356 | } | |
357 | ||
358 | wireless_client_is_connected() { | |
359 | local device="${1}" | |
360 | ||
361 | device_has_carrier "${device}" | |
362 | } | |
363 | ||
364 | wireless_ibss_join() { | |
365 | local device=${1} | |
366 | assert isset device | |
367 | shift | |
368 | ||
369 | local bssid | |
370 | local essid | |
371 | local frequency | |
372 | ||
373 | while [ $# -gt 0 ]; do | |
374 | case "${1}" in | |
375 | --bssid=*) | |
376 | bssid="$(cli_get_val "${1}")" | |
377 | ;; | |
378 | --essid=*) | |
379 | essid="$(cli_get_val "${1}")" | |
380 | ;; | |
381 | --channel=*) | |
382 | local channel="$(cli_get_val "${1}")" | |
383 | ||
384 | # Save the frequency of the channel instead | |
385 | # of the channel itself. | |
386 | if isset channel; then | |
387 | frequency="$(wireless_channel_to_frequency ${channel})" | |
388 | fi | |
389 | ;; | |
390 | esac | |
391 | shift | |
392 | done | |
393 | ||
394 | # Check input. | |
395 | assert ismac bssid | |
396 | assert isset essid | |
397 | assert isinteger frequency | |
398 | ||
399 | # Set device up. | |
400 | device_set_up "${device}" | |
401 | ||
402 | log INFO "${device} joining ibss network: ${essid} (${bssid})" | |
403 | cmd_quiet iw dev "${device}" ibss join "${essid}" \ | |
404 | "${frequency}" fixed-freq "${bssid}" | |
405 | } | |
406 | ||
407 | wireless_ibss_leave() { | |
408 | local device=${1} | |
409 | assert isset device | |
410 | ||
411 | log INFO "${device} leaving ibss network" | |
412 | cmd_quiet iw dev "${device}" ibss leave | |
413 | } | |
414 | ||
415 | wireless_is_radar_frequency() { | |
416 | local frequency="${1}" | |
417 | assert isset frequency | |
418 | ||
419 | [[ ${frequency} -ge 5260 ]] && [[ ${frequency} -le 5700 ]] | |
420 | } | |
421 | ||
422 | wireless_monitor() { | |
423 | local device="${1}" | |
424 | assert isset device | |
425 | shift | |
426 | ||
427 | local monitor_device="$(port_find_free "${PORT_PATTERN_WIRELESS_MONITOR}")" | |
428 | ||
429 | # Create an 802.11 monitoring device | |
430 | wireless_create "${monitor_device}" --phy="${device}" --type="monitor" | |
431 | local ret=$? | |
432 | ||
433 | case "${ret}" in | |
434 | 0) | |
435 | # Bring up the device | |
436 | device_set_up "${monitor_device}" | |
437 | ||
438 | # Starting tcpdump | |
439 | tcpdump -i "${monitor_device}" "$@" | |
440 | ||
441 | # Remove the monitoring interface. | |
442 | wireless_remove "${monitor_device}" | |
443 | ;; | |
444 | ||
445 | *) | |
446 | log ERROR "Could not create a monitoring interface on ${device}" | |
447 | return ${EXIT_ERROR} | |
448 | ;; | |
449 | esac | |
450 | ||
451 | return ${EXIT_OK} | |
452 | } |