|
Despite
widespread deployments, 802.11b, wireless base stations are
still expensive. Here's how you can use a Unix (Linux or BSD)
computer as a base station to serve a small wireless network.
by Seamus Phan
FreeBSD
or Linux workstations would be ideal for use as makeshift
802.11b base stations
 Even
with 802.11b wireless base stations being more widely deployed
today, a base stations still cost $300 and upwards. Functionality
aside, it can be expensive to link up a larger workplace through
a continuous wireless mesh.
There is an answer though, if you happen to be a Unix geek,
and don't mind dirtying your hands trying to hack some code.
All you need are FreeBSD or Linux workstations at your workplace
that aren't used extensively. Some of these stations may serve
as redundant file or print servers, or even workstations for
temporary staff, and would be ideal for use as makeshift 802.11b
base stations.
The Powered Base
There are technical advantages for using FreeBSD and Linux
workstations as base stations security, access control and
bandwidth management. Since BSD and Linux come with the likes
of packet filtering, user databases, logging, DNS, Squid Web
caching and so on, turning these workstations into wireless
base stations also means that you can customize these extra
features.
For example, you may define rules in the firewall to prevent
users not in your access list from entering your workgroup.
You can also define ports that are closed (especially pertaining
to common ports employed by Trojans and other malware) ports
to be redirected, and protocols accepted to be used in and
out of your workgroup.
Likewise, you may want to turn on local DNS so that common
entries are recognized, and even block out common advertisement
and spam host domains by mapping their domains to 127.0.0.1
(localhost).
You can also manually program pornographic, fanatical, political
and even competitors' domains into this hosts file.
With Squid, often installed with default BSD and Linux implementations,
you can also turn your workstation into a Web caching device
so that commonly visited websites can be retrieved more quickly,
and WAN bandwidth utilization can be significantly reduced.
Another default option within BSD and Linux implementations
is DHCP, which allows you to assign
local IP addresses to your workgroup.
What You Need ?
First
off, since most Linux communities seem to use the Lucent Orinoco
or WaveLAN 802.11b PC Card adapters as the basis for their
hacks, you may want to use that for your BSD or Linux workstation
as well. There are also some specific hacks for the Intersil
chipset, and you may want to experiment with some of the PC
Cards you have first, since instructions for Unix kernel device
names may differ.
The best way is to run your workstation with a PC Card slot
built in. This is the most direct method for turning workstations
into base stations. In lieu of that, you can purchase the
ISA or PCI adapter which allows you to plug the 802.11b PC
Card into the ISA or PCI adapter.
FreeBSD 4.4 Stable should be used to recognize PCI adapters
while the lowest version for ISA adapters should be FreeBSD
4.1 Stable and above. Your workstation should also have two
network interfaces, where one is connected to the Internet
(through a hub, switch or even directly), and the other to
your 802.11b interface.
Next, the Unix kernel has to be configured as an IP router.
Essentially, 802.11b base stations are routers, and turning
the workstation into a router will allow you to route wireless
and wired traffic.
On Linux, your kernel can be configured by the CONFIG_IP_ROUTER
set, and DHCP should be turned on.
Then create an /etc/pccard.conf file (to allow configuration
of PC Cards) after you configured the "wi" (wireless
interface) device in the kernel. For Linux, you are in luck,
since there are "Wireless Extensions" publicly available.
Add "CONFIG_NET_RADIO=y" to your kernel configuration
file, usually /usr/src/linux/.config, if you don't find the
file /proc/net/wireless. Once all these are done, rebuild
your kernel.
What's the catch ?
Glad you asked. A true 802.11b base station needs to be able
to run in infrastructure BSS (basic service set) mode, which
means that it should be able to act as an Ethernet hub. Wireless
clients should not communicate directly with each other, but
send data packets to the base station to be relayed to other
clients.
Linux workstations can be configured as independent or ad-hoc
mode (peer-to-peer), which is not entirely practical or useful,
or independent BSS mode (IBSS), which is not quite full infrastructure
BSS.
However, Jouni Malinen of Finland has developed a Linux driver
that enables PC Cards based on Intersil's Prism2 chipset to
work in infrastructure BSS (or host) mode. Some of the retail
adapters found to be compatible with his driver in infrastructure
BSS mode include some from D-Link, Compaq and Linksys, specifically
MAC HFA3841 and HFA3842.
And if you prefer to use the good old FreeBSD, version 4.3
onwards now is defaulted to infrastructure BSS mode. FreeBSD
is a BSD Unix variant, and specifically used in x86 architectures
(A good use for those old and obsolete x86 workstations).
If you dig Apples
Apple has conveniently left out the software base station
functionality in its new OS X operating system. However, a
software base station is basically a masquerading firewall,
and it is not too difficult to turn an AirPort-capable Mac
(AirPort is Apple's term for 802.11b WLAN) into a base station
as well.
First, create a NAT script in a text editor such as BBedit
or Pepper:
#!/bin/sh
/usr/sbin/natd
-dynamic -interface ppp0
/sbin/ipfw
-f flush
/sbin/ipfw
add divert natd all from any to any via ppp0/sbin/ipfw add
pass all from any to any Open
the Terminal application. Type "su" and press"RETURN".
Then type in your root password and press "RETURN"
again. This will enable the root account. Then copy the text
block above and type "vi NATd" in the terminal and
paste the block into the new file. Press "ESC" and
type "ZZ" to save and quit the vi editor.
While still in the Terminal application, type "chmod
700 NATd" to set the permission of the NATd file. Then
click the Airport icon in the Dock and select "Create
Computer to Computer Network...". Give the network a
name and a password if necessary. Choose the System Preferences
panel and select "Network." In the "configure"
dropdown select "Airport".
Select the TCP/IP tab and set the card to manual configuration.
Set the IP address to 10.0.1.1 and the netmask to 255.255.255.0
and leave the rest alone. Click the Airport tab and set the
network selection to the network we just created.
Return to the Terminal application and type "vi /etc/hostconfig"
to edit the IP forwarding. Scroll down the file and look for
a line that says "IPFORWARDING=-NO-". Invoke the
replace mode in the vi editor with "cw" and use
the arrow keys to scroll to the letter "N" of the
word "N". Replace "N" with YES" and
the line should read "IPFORWARDING=-YES-". Type
"ZZ" to save and exit vi. Restart the Mac and you
can configure the client machines to join this WLAN.
Onwards to work
In today's business, the ability to use tools of any kind
to increase value and productivity is key, and it is no longer
fashionable nor practical to be practicing MIS professionals
who simply specify what to buy. Maybe it's time to look in
dusty corners and salvage usable hardware to keep costs down.
Seamus Phan is research director at KnowledgeLabs
News Center (www.knowledgelabs.net), an independent technology
news bureau and writes for Network Computing-Asian Edition.
He can be reached at seamus@knowledgelabs.net. Please send
your feedback to editor@networkmagazineindia.com
|
