31.3 ÎÞÏßÍøÂç

³Â¸£¿µ¡¢ Marc Fonvieille ºÍ Murray Stokely.

31.3.1 ÎÞÏßÍøÂç»ù´¡

¡¡¡¡¾ø´ó¶àÊýÎÞÏßÍøÂç¶¼²ÉÓÃÁË IEEE® 802.11 ±ê×¼¡£ »ù±¾µÄÎÞÏßÍøÂçÖУ¬ ¶¼°üº¬¶à¸öÒÔ 2.4GHz »ò 5GHz Ƶ¶ÎµÄÎÞÏߵ粨¹ã²¥µÄÕ¾µã (²»¹ý£¬ ËæËù´¦µØÓòµÄ²»Í¬£¬ »òÕßΪÁËÄܹ»¸üºÃµØ½øÐÐͨѶ£¬ ¾ßÌåµÄƵÂÊ»áÔÚ 2.3GHz ºÍ 4.9GHz µÄ·¶Î§Äڱ仯)¡£

¡¡¡¡802.11 ÍøÂçÓÐÁ½ÖÖ×éÖ¯·½Ê½£º ÔÚ infrastructure ģʽ ÖУ¬ Ò»¸öͨѶվ×÷ΪÖ÷Õ¾£¬ ÆäËûͨѶվ¶¼ÓëÆä¹ØÁª£» ÕâÖÖÍøÂç³ÆÎª BSS£¬ ¶øÖ÷Õ¾Ôò³ÉΪÎÞÏß·ÃÎʵã (AP)¡£ ÔÚ BSS ÖУ¬ ËùÓеÄͨѶ¶¼ÊÇͨ¹ý AP À´Íê³ÉµÄ£» ¼´Ê¹Í¨Ñ¶Õ¾Ö®¼äÒªÏ໥ͨѶ£¬ Ò²±ØÐ뽫ÏûÏ¢·¢¸ø AP¡£ ÔÚµÚ¶þÖÖÐÎʽµÄÍøÂçÖУ¬ ²¢²»´æÔÚÖ÷Õ¾£¬ ͨѶվ֮¼äÊÇÖ±½ÓͨѶµÄ¡£ ÕâÖÖÍøÂçÐÎʽ³Æ×÷ IBSS£¬ ͨ³£Ò²½Ð×ö ad-hoc ÍøÂç¡£

¡¡¡¡802.11 ÍøÂç×î³õÔÚ 2.4GHz Ƶ¶ÎÉϲ¿Ê𣬠²¢²ÉÓÃÁËÓÉ IEEE 802.11 ºÍ 802.11b ±ê×¼Ëù¶¨ÒåµÄЭÒé¡£ ÕâЩ±ê×¼¶¨ÒåÁ˲ÉÓõIJÙ×÷ƵÂÊ¡¢ °üÀ¨·ÖÖ¡ºÍ´«ÊäËÙÂÊ (ͨѶ¹ý³ÌÖпÉÒÔʹÓò»Í¬µÄËÙÂÊ) ÔÚÄÚµÄ MAC ²ãÌØÐԵȡ£ ÉÔºóµÄ 802.11a ±ê×¼¶¨ÒåÁËʹÓà 5GHz Ƶ¶Î½øÐвÙ×÷£¬ ÒÔ¼°²»Í¬µÄÐźŻúÖÆºÍ¸ü¸ßµÄ´«ÊäËÙÂÊ¡£ Æäºó¶¨ÒåµÄ 802.11g ±ê×¼ÆôÓÃÁËÔÚ 2.4GHz ÉÏÈçºÎʹÓà 802.11a Ðźźʹ«Êä»úÖÆ£¬ ÒÔÌṩ¶Ô½ÏÔçµÄ 802.11b ÍøÂçµÄÏòǰ¼æÈÝ¡£

¡¡¡¡802.11 ÍøÂçÖвÉÓõĸ÷Ààµ×²ã´«Êä»úÖÆÌṩÁ˲»Í¬ÀàÐ͵ݲȫ»úÖÆ¡£ ×î³õµÄ 802.11 ±ê×¼¶¨ÒåÁËÒ»ÖÖ³ÆÎª WEP µÄ¼òµ¥°²È«Ð­Òé¡£ Õâ¸öЭÒé²ÉÓù̶¨µÄÔ¤·¢²¼ÃÜÔ¿£¬ ²¢Ê¹Óà RC4 ¼ÓÃÜËã·¨À´¶ÔÔÚÍøÂçÉÏ´«ÊäµÄÊý¾Ý½øÐбàÂë¡£ È«²¿Í¨Ñ¶Õ¾¶¼±ØÐë²ÉÓÃͬÑùµÄ¹Ì¶¨ÃÜÔ¿²ÅÄÜͨѶ¡£ ÕâÒ»¸ñ¾ÖÒѾ­±»Ö¤Ã÷ºÜÈÝÒ×±»¹¥ÆÆ£¬ Òò´ËĿǰÒѾ­ºÜÉÙʹÓÃÁË£¬ ²ÉÓÃÕâÖÖ·½·¨Ö»ÄÜÈÃÄÇЩ½ÓÈëÍøÂçµÄÓû§Ñ¸ËÙ¶Ï¿ª¡£ ×îÐµİ²È«Êµ¼ùÊÇÓÉ IEEE 802.11i ±ê×¼¸ø³öµÄ£¬ Ëü¶¨ÒåÁËеļÓÃÜËã·¨£¬ ²¢Í¨¹ýÒ»ÖÖ¸½¼ÓµÄЭÒéÀ´ÈÃͨѶվÏòÎÞÏß·ÃÎʵãÑéÖ¤Éí·Ý£¬ ²¢½»»»ÓÃÓÚ½øÐÐÊý¾ÝͨѶµÄÃÜÔ¿¡£ ¸ü½øÒ»²½£¬ ÓÃÓÚ¼ÓÃܵÄÃÜÔ¿»á¶¨ÆÚµØË¢Ð£¬ ¶øÇÒÓлúÖÆÄܹ»¼à²âÈëÇֵij¢ÊÔ (²¢×èÖ¹ÕâÖÖ³¢ÊÔ)¡£ ÎÞÏßÍøÂçÖÐÁíÒ»ÖÖ³£Óõİ²È«Ð­Òé±ê×¼ÊÇ WPA¡£ ÕâÊÇÔÚ 802.11i ֮ǰÓÉÒµ½ç×éÖ¯¶¨ÒåµÄÒ»ÖÖ¹ý¶ÉÐÔ±ê×¼¡£ WPA ¶¨ÒåÁËÔÚ 802.11i ÖÐËù¹æ¶¨µÄÒªÇóµÄ×Ó¼¯£¬ ²¢±»Éè¼ÆÓÃÀ´ÔÚ¾ÉʽӲ¼þÉÏʵʩ¡£ ÌØ±ðµØ£¬ WPA ÒªÇóֻʹÓÃÓÉ×î³õ WEP Ëù²ÉÓõÄËã·¨ÅÉÉúµÄ TKIP ¼ÓÃÜËã·¨¡£ 802.11i Ôò²»µ«ÔÊÐíʹÓà TKIP£¬ ¶øÇÒ»¹ÒªÇóÖ§³Ö¸üÇ¿µÄ¼ÓÃÜËã·¨ AES-CCM À´ÓÃÓÚ¼ÓÃÜÊý¾Ý¡£ (ÔÚ WPA Öв¢Ã»ÓÐÒªÇóʹÓà AES ¼ÓÃÜËã·¨£¬ ÒòΪÔÚ¾ÉʽӲ¼þÉÏʵʩÕâÖÖË㷨ʱËùÐèµÄ¼ÆË㸴ÔÓÐÔÌ«¸ß¡£)

¡¡¡¡³ýÁËÇ°Ãæ½éÉܵÄÄÇЩЭÒé±ê×¼Ö®Í⣬ »¹ÓÐÒ»ÖÖÐèÒª½éÉܵıê×¼ÊÇ 802.11e¡£ Ëü¶¨ÒåÁËÓÃÓÚÔÚ 802.11 ÍøÂçÉÏÔËÐжàýÌåÓ¦Ó㬠ÈçÊÓÆµÁ÷ºÍʹÓà IP ´«Ë͵ÄÓïÒô (VoIP) µÄЭÒé¡£ Óë 802.11i ÀàËÆ£¬ 802.11e Ò²ÓÐÒ»¸öǰÉí±ê×¼£¬ ͨ³£³Æ×÷ WME (ºó¸ÄÃûΪ WMM)£¬ ËüÒ²ÊÇÓÉÒµ½ç×éÖ¯¶¨ÒåµÄ 802.11e µÄ×Ó¼¯£¬ ÒÔ±ãÄܹ»ÔÚ¾ÉʽӲ¼þÖÐʹÓöàýÌåÓ¦Óᣠ¹ØÓÚ 802.11e Óë WME/WMM Ö®¼äµÄÁíÒ»ÏîÖØÒªÇø±ðÊÇ£¬ ǰÕßÔÊÐí¶ÔÁ÷Á¿Í¨¹ý·þÎñÆ·ÖÊ (QoS) ЭÒéºÍÔöǿýÌå·ÃÎÊЭÒéÀ´°²ÅÅÓÅÏȼ¶¡£ ¶ÔÓÚÕâЩЭÒéµÄÕýȷʵÏÖ£¬ Äܹ»ÊµÏÖ¸ßËÙÍ»·¢Êý¾ÝºÍÁ÷Á¿·Ö¼¶¡£

¡¡¡¡FreeBSD Ö§³Ö²ÉÓà 802.11a, 802.11b ºÍ 802.11g µÄÍøÂç¡£ ÀàËÆµØ£¬ ËüÒ²Ö§³Ö WPA ºÍ 802.11i °²È«Ð­Òé (Óë 11a¡¢ 11b ºÍ 11g ÅäºÏ)£¬ ¶ø WME/WMM ËùÐèÒªµÄ QoS ºÍÁ÷Á¿·Ö¼¶£¬ ÔòÔÚ²¿·ÖÎÞÏßÉ豸ÉÏÌṩÁËÖ§³Ö¡£

31.3.2 »ù±¾°²×°

31.3.2.1 ÄÚºËÅäÖÃ

¡¡¡¡ÒªÊ¹ÓÃÎÞÏßÍøÂ磬 ÄúÐèÒªÒ»¿éÎÞÏßÍø¿¨£¬ ²¢Êʵ±µØÅäÖÃÄÚºËÁîÆäÌṩÎÞÏßÍøÂçÖ§³Ö¡£ ºóÕß±»·Ö³ÉÁ˶à¸öÄ£¿é£¬ Òò´ËÄúÖ»ÐèÅäÖÃʹÓÃÄúËùÐèÒªµÄÈí¼þ¾Í¿ÉÒÔÁË¡£

¡¡¡¡Ê×ÏÈÄúÐèÒªµÄÊÇÒ»¸öÎÞÏßÉ豸¡£ ×îΪ³£ÓõÄÒ»ÖÖÎÞÏßÅä¼þÊÇ Atheros Éú²úµÄ¡£ ÕâЩÉ豸ÓÉ ath(4) Çý¶¯³ÌÐòÌṩ֧³Ö£¬ ÄúÐèÒª°ÑÏÂÃæµÄÅäÖüÓÈëµ½ /boot/loader.conf ÎļþÖУº

if_ath_load="YES"

¡¡¡¡Atheros Çý¶¯·ÖΪÈý¸ö²¿·Ö£º Çý¶¯²¿·Ö (ath(4))¡¢ ÓÃÓÚ´¦ÀíоƬרÓй¦ÄܵÄÖ§³Ö²ã (ath_hal(4))£¬ ÒÔ¼°Ò»×éÓÃÒÔÑ¡Ôñ´«ÊäÖ¡ËÙÂʵÄËã·¨ (ath_rate_sample here)¡£ µ±ÒÔÄ£¿é·½Ê½¼ÓÔØÕâÒ»Ö§³Öʱ£¬ ËùÐèµÄÆäËüÄ£¿é»á×Ô¶¯¼ÓÔØ¡£ Èç¹ûÄúʹÓõIJ»ÊÇ Atheros É豸£¬ ÔòӦѡÔñ¶ÔÓ¦µÄÄ£¿é£» ÀýÈ磺

if_wi_load="YES"

¡¡¡¡±íʾʹÓûùÓÚ Intersil Prism ²úÆ·µÄÎÞÏßÉ豸 (wi(4) Çý¶¯)¡£

×¢Òâ: ÔÚÕâÆªÎĵµÓàϵIJ¿·ÖÖУ¬ ÎÒÃǽ«ÒÔ ath(4) ¿¨À´½øÐÐʾ·¶£¬ Èç¹ûÒªÌ×ÓÃÕâЩÅäÖõϰ£¬ ¿ÉÄÜÐèÒª¸ù¾ÝÄúʵ¼ÊµÄÅäÖÃÇé¿öÀ´ÐÞ¸ÄʾÀýÖеÄÉ豸Ãû³Æ¡£ ÔÚ FreeBSD ¼æÈÝÓ²¼þ˵Ã÷ÖÐÌṩÁËĿǰ¿ÉÓõÄÎÞÏßÍøÂçÇý¶¯£¬ ÒÔ¼°¼æÈÝÓ²¼þµÄÁÐ±í¡£ Õë¶Ô²»Í¬°æ±¾ºÍÓ²¼þƽ̨µÄ˵Ã÷¿ÉÒÔÔÚ FreeBSD ÍøÕ¾µÄ Release Information Ò³ÃæÕÒµ½¡£ Èç¹ûÄúµÄÎÞÏßÉ豸ûÓÐÓëÖ®¶ÔÓ¦µÄ FreeBSD רÓÃÇý¶¯³ÌÐò£¬ Ò²¿ÉÒÔ³¢ÊÔʹÓà NDIS Çý¶¯·â×°»úÖÆÀ´Ö±½ÓʹÓà Windows® Çý¶¯¡£

¡¡¡¡¶ÔÓÚ FreeBSD 7.X£¬ ÔÚÅäÖúÃÉ豸Çý¶¯Ö®ºó£¬ Äú»¹ÐèÒªÒýÈëÇý¶¯³ÌÐòËùÐèÒªµÄ 802.11 ÍøÂçÖ§³Ö¡£ ¶ÔÓÚ ath(4) Çý¶¯¶øÑÔ£¬ ÖÁÉÙÐèÒª wlan(4) wlan_scan_ap ºÍ wlan_scan_sta Ä£¿é£» wlan(4) Ä£¿é»á×Ô¶¯ËæÎÞÏßÉ豸Çý¶¯Ò»Í¬¼ÓÔØ£¬ ʣϵÄÄ£¿é±ØÐëÒªÔÚϵͳÒýµ¼Ê±¼ÓÔØ£¬ ¾ÍÐèÒªÔÚ /boot/loader.conf ÖмÓÈëÏÂÃæµÄÅäÖãº

wlan_scan_ap_load="YES"
wlan_scan_sta_load="YES"

¡¡¡¡´Ó FreeBSD 8.0 Æð£¬ ÕâЩģ¿é³ÉΪÁË wlan(4) Çý¶¯µÄ»ù´¡×é¼þ£¬ ²¢»áËæÊÊÅäÆ÷Çý¶¯Ò»Æð¶¯Ì¬¼ÓÔØ¡£

¡¡¡¡³ý´ËÖ®Í⣬ Äú»¹ÐèÒªÌṩÄúÏ£ÍûʹÓõİ²È«Ð­ÒéËùÐèµÄ¼ÓÃÜÖ§³ÖÄ£¿é¡£ ÕâЩģ¿éÊÇÉè¼ÆÀ´Èà wlan(4) Ä£¿é¸ù¾ÝÐèÒª×Ô¶¯¼ÓÔØµÄ£¬ µ«Ä¿Ç°»¹±ØÐëÊÖ¹¤½øÐÐÅäÖᣠÄú¿ÉÒÔʹÓÃÏÂÃæÕâЩģ¿é£º wlan_wep(4)¡¢ wlan_ccmp(4) ºÍ wlan_tkip(4)¡£ wlan_ccmp(4) ºÍ wlan_tkip(4) ÕâÁ½¸öÇý¶¯¶¼Ö»ÓÐÔÚÄúÏ£Íû²ÉÓà WPA ºÍ/»ò 802.11i °²È«Ð­Òéʱ²ÅÐèÒª¡£ Èç¹ûÄúµÄÍøÂç²»²ÉÓüÓÃÜ£¬ ¾Í²»ÐèÒª wlan_wep(4) Ö§³ÖÁË¡£ ÒªÔÚϵͳÒýµ¼Ê±¼ÓÔØÕâЩģ¿é£¬ ÐèÒªÔÚ /boot/loader.conf ÖмÓÈëÏÂÃæµÄÅäÖãº

wlan_wep_load="YES"
wlan_ccmp_load="YES"
wlan_tkip_load="YES"

¡¡¡¡Í¨¹ýϵͳÒýµ¼ÅäÖÃÎļþ (Ò²¾ÍÊÇ /boot/loader.conf) ÖеÄÕâЩÐÅÏ¢ÉúЧ£¬ Äú±ØÐëÖØÐÂÆô¶¯ÔËÐÐ FreeBSD µÄ¼ÆËã»ú¡£ Èç¹û²»ÏëÁ¢¿ÌÖØÐÂÆô¶¯£¬ Ò²¿ÉÒÔʹÓà kldload(8) À´ÊÖ¹¤¼ÓÔØ¡£

×¢Òâ: Èç¹û²»Ïë¼ÓÔØÄ£¿é£¬ Ò²¿ÉÒÔ½«ÕâЩÇý¶¯±àÒëµ½ÄÚºËÖУ¬ ·½·¨ÊÇÔÚÄں˵ıàÒëÅäÖÃÎļþÖмÓÈëÏÂÃæµÄÅäÖãº

device wlan              # 802.11 support
device wlan_wep          # 802.11 WEP support
device wlan_ccmp         # 802.11 CCMP support
device wlan_tkip         # 802.11 TKIP support
device wlan_amrr         # AMRR transmit rate control algorithm
device ath               # Atheros pci/cardbus NIC's
device ath_hal           # pci/cardbus chip support
options AH_SUPPORT_AR5416 # enable AR5416 tx/rx descriptors
device ath_rate_sample   # SampleRate tx rate control for ath

ʹÓà FreeBSD 7.X ʱ£¬ »¹ÐèÒªÅäÖÃÏÂÃæÕâÁ½ÐУ» FreeBSD µÄÆäËû°æ±¾²»ÐèÒªËüÃÇ¡£

device wlan_scan_ap      # 802.11 AP mode scanning
device wlan_scan_sta     # 802.11 STA mode scanning

½«ÕâЩÐÅϢдµ½Äں˱àÒëÅäÖÃÎļþÖÐÖ®ºó£¬ ÄúÐèÒªÖØÐ±àÒëÄںˣ¬ ²¢ÖØÐÂÆô¶¯ÔËÐÐ FreeBSD µÄ¼ÆËã»ú¡£

¡¡¡¡ÔÚϵͳÆô¶¯Ö®ºó£¬ Äú»áÔÚÒýµ¼Ê±¸ø³öµÄÐÅÏ¢ÖУ¬ ÕÒµ½ÀàËÆÏÂÃæÕâÑùµÄ¹ØÓÚÎÞÏßÉ豸µÄÐÅÏ¢£º

ath0: <Atheros 5212> mem 0x88000000-0x8800ffff irq 11 at device 0.0 on cardbus1
ath0: [ITHREAD]
ath0: AR2413 mac 7.9 RF2413 phy 4.5

31.3.3 Infrastructure ģʽ

¡¡¡¡Í¨³£µÄÇéÐÎÖÐʹÓõÄÊÇ infrastructure ģʽ»ò³Æ BSS ģʽ¡£ ÔÚÕâÖÖģʽÖУ¬ ÓÐһϵÁÐÎÞÏß·ÃÎʵã½ÓÈëÁËÓÐÏßÍøÂç¡£ ÿ¸öÎÞÏßÍø¶¼»áÓÐ×Ô¼ºµÄÃû×Ö£¬ Õâ¸öÃû×Ö³Æ×÷ÍøÂçµÄ SSID¡£ ÎÞÏ߿ͻ§¶Ë¶¼Í¨¹ýÎÞÏß·ÃÎʵãÀ´Íê³É½ÓÈë¡£

31.3.3.1 FreeBSD ¿Í»§»ú

31.3.3.1.1 ÈçºÎ²éÕÒÎÞÏß·ÃÎʵã

¡¡¡¡Äú¿ÉÒÔͨ¹ýʹÓà ifconfig ÃüÁîÀ´É¨ÃèÍøÂç¡£ ÓÉÓÚϵͳÐèÒªÔÚ²Ù×÷¹ý³ÌÖÐÇл»²»Í¬µÄÎÞÏ߯µÂʲ¢Ì½²â¿ÉÓõÄÎÞÏß·ÃÎʵ㣬 ÕâÖÖÇëÇó¿ÉÄÜÐèÒªÊý·ÖÖÓ²ÅÄÜÍê³É¡£ Ö»Óг¬¼¶Óû§²ÅÄÜÆô¶¯ÕâÖÖɨÃ裺

# ifconfig wlan0 create wlandev ath0
# ifconfig wlan0 up scan
SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS
dlinkap         00:13:46:49:41:76   11   54M -90:96   100 EPS  WPA WME
freebsdap       00:11:95:c3:0d:ac    1   54M -83:96   100 EPS  WPA

×¢Òâ: ÔÚ¿ªÊ¼É¨Ãè֮ǰ£¬ ±ØÐë½«ÍøÂç½Ó¿ÚÉèΪ up¡£ ºóÐøµÄɨÃèÇëÇó¾Í²»ÐèÒªÔÙ½«ÍøÂç½Ó¿ÚÉèΪ up ÁË¡£

×¢Òâ: ÔÚ FreeBSD 7.X ÖУ¬ »áÖ±½ÓÊÊÅäÆ÷É豸£¬ ÀýÈç ath0£¬ ¶ø²»ÊÇ wlan0 É豸¡£ Òò´ËÄúÐèÒª°ÑÇ°ÃæµÄÃüÁîÐиÄΪ£º

# ifconfig ath0 up scan

ÔÚÕâ·ÝÎĵµÓàϵIJ¿·ÖÖУ¬ ÄúÒ²ÐèҪעÒâ FreeBSD 7.X ÉϵÄÕâЩ²îÒ죬 ²¢¶ÔÃüÁîÐÐʾÀý½øÐÐÀàËÆµÄ¸Ä¶¯¡£

¡¡¡¡É¨Ãè»áÁгöËùÇëÇóµ½µÄËùÓÐ BSS/IBSS ÍøÂçÁÐ±í¡£ ³ýÁËÍøÂçµÄÃû×Ö SSID Ö®Í⣬ ÎÒÃÇ»¹»á¿´µ½ BSSID ¼´ÎÞÏß·ÃÎʵãµÄ MAC µØÖ·¡£ ¶ø CAPS ×Ö¶ÎÔò¸ø³öÁËÍøÂçÀàÐͼ°ÆäÌṩµÄ¹¦ÄÜ£¬ ÆäÖаüÀ¨£º

E

Extended Service Set (ESS)¡£ ±íʾͨѶվÊÇ infrastructure ÍøÂç (Ïà¶ÔÓÚ IBSS/ad-hoc ÍøÂç) µÄ³ÉÔ±¡£

I

IBSS/ad-hoc ÍøÂç¡£ ±íʾͨѶվÊÇ ad-hoc ÍøÂç (Ïà¶ÔÓÚ ESS ÍøÂç) µÄ³ÉÔ±¡£

P

˽ÃÜ¡£ ÔÚ BSS Öн»»»µÄÈ«²¿Êý¾ÝÖ¡¾ùÐè±£Ö¤Êý¾Ý±£ÃÜÐÔ¡£ Õâ±íʾ BSS ÐèҪͨѶվʹÓüÓÃÜËã·¨£¬ ÀýÈç WEP¡¢ TKIP »ò AES-CCMP À´¼ÓÃÜ/½âÃÜÓëÆäËûͨѶվ½»»»µÄÊý¾ÝÖ¡¡£

S

¶Ìǰµ¼Âë (Short Preamble)¡£ ±íÊ¾ÍøÂç²ÉÓõÄÊǶÌǰµ¼Âë (ÓÉ 802.11b High Rate/DSSS PHY ¶¨Ò壬 ¶Ìǰµ¼Âë²ÉÓà 56-λ ͬ²½×ֶΣ¬ ¶ø²»ÊÇÔÚ³¤Ç°µ¼ÂëģʽÖÐËù²ÉÓÃµÄ 128-λ ×Ö¶Î)¡£

s

¶ÌÅöײ²Ûʱ¼ä (Short slot time)¡£ ±íʾÓÉÓÚ²»´æÔÚ¾Éʽ (802.11b) ͨѶվ£¬ 802.11g ÍøÂçÕýʹÓöÌÅöײ²Ûʱ¼ä¡£

¡¡¡¡ÒªÏÔʾĿǰÒÑÖªµÄÍøÂ磬 ¿ÉÒÔʹÓÃÏÂÃæµÄÃüÁ

# ifconfig wlan0 list scan

¡¡¡¡ÕâЩÐÅÏ¢¿ÉÄÜ»áÓÉÎÞÏßÊÊÅäÆ÷×Ô¶¯¸üУ¬ Ò²¿ÉʹÓà scan ÊÖ¶¯¸üС£ ¿ìÈ¡»º´æÖеľÉÊý¾Ý»á×Ô¶¯É¾³ý£¬ Òò´Ë³ý·Ç½øÐиü¶àɨÃ裬 Õâ¸öÁбí»áÖð½¥ËõС¡£

31.3.3.1.2 »ù±¾ÅäÖÃ

¡¡¡¡ÔÚÕâÒ»½ÚÖÐÎÒÃǽ«Õ¹Ê¾Ò»¸ö¼òµ¥µÄÀý×ÓÀ´½éÉÜÈçºÎÈÃÎÞÏßÍøÂçÊÊÅäÆ÷ÔÚ FreeBSD ÖÐÒÔ²»¼ÓÃܵķ½Ê½¹¤×÷¡£ ÔÚÄúÊìϤÁËÕâЩ¸ÅÄîÖ®ºó£¬ ÎÒÃÇÇ¿ÁÒ½¨ÒéÄúÔÚʵ¼ÊµÄʹÓÃÖвÉÓà WPA À´ÅäÖÃÍøÂç¡£

¡¡¡¡ÅäÖÃÎÞÏßÍøÂçµÄ¹ý³Ì¿É·ÖΪÈý¸ö»ù±¾²½Ö裺 Ñ¡ÔñÎÞÏß·ÃÎʵ㡢 ÑéÖ¤ÄúµÄͨѶվÉí·Ý£¬ ÒÔ¼°ÅäÖà IP µØÖ·¡£ ÏÂÃæµÄ¼¸½ÚÖн«·Ö²½ÖèµØ½éÉÜËüÃÇ¡£

31.3.3.1.2.1 Ñ¡ÔñÎÞÏß·ÃÎʵã

¡¡¡¡¶àÊýʱºòÈÃϵͳÒÔÄÚ½¨µÄ̽²â·½Ê½Ñ¡ÔñÎÞÏß·ÃÎʵã¾Í¿ÉÒÔÁË¡£ ÕâÊÇÔÚÄú½«ÍøÂç½Ó¿ÚÖÃΪ up »òÔÚ /etc/rc.conf ÖÐÅäÖà IP µØÖ·Ê±µÄĬÈÏ·½Ê½£¬ ÀýÈ磺

wlans_ath0="wlan0"
ifconfig_wlan0="DHCP"

×¢Òâ: ÈçÇ°ÃæÌáµ½µÄÄÇÑù£¬ FreeBSD 7.X Ö»ÐèÒªÒ»ÐÐÅäÖãº

ifconfig_ath0="DHCP"

¡¡¡¡Èç¹û´æÔÚ¶à¸öÎÞÏß·ÃÎʵ㣬 ¶øÄúÏ£Íû´ÓÖÐÑ¡Ôñ¾ßÌåµÄÒ»¸ö£¬ Ôò¿ÉÒÔͨ¹ýÖ¸¶¨ SSID À´ÊµÏÖ£º

wlans_ath0="wlan0"
ifconfig_wlan0="ssid your_ssid_here DHCP"

¡¡¡¡ÔÚijЩ»·¾³ÖУ¬ ¶à¸ö·ÃÎʵã¿ÉÄÜ»áʹÓÃͬÑùµÄ SSID (ͨ³££¬ ÕâÑù×öµÄÄ¿µÄÊǼò»¯ÂþÓÎ)£¬ Õâʱ¿ÉÄܾÍÐèÒªÓëij¸ö¾ßÌåµÄÉ豸¹ØÁªÁË¡£ ÕâÖÖÇé¿öÏ£¬ Äú»¹Ó¦Ö¸¶¨ÎÞÏß·ÃÎʵãµÄ BSSID (Õâʱ¿ÉÒÔ²»Ö¸¶¨ SSID)£º

wlans_ath0="wlan0"
ifconfig_wlan0="ssid your_ssid_here bssid xx:xx:xx:xx:xx:xx DHCP"

¡¡¡¡³ý´ËÖ®Í⣬ »¹ÓÐһЩÆäËüµÄ·½·¨Äܹ»Ô¼Êø²éÕÒÎÞÏß·ÃÎʵãµÄ·¶Î§£¬ ÀýÈçÏÞÖÆÏµÍ³É¨ÃèµÄƵ¶Î£¬ µÈµÈ¡£ Èç¹ûÄúµÄÎÞÏßÍø¿¨Ö§³Ö¶à¸öƵ¶Î£¬ ÕâÑù×ö¿ÉÄÜ»á·Ç³£ÓÐÓ㬠ÒòΪɨÃèÈ«²¿¿ÉÓÃÆµ¶ÎÊÇÒ»¸öÊ®·ÖºÄʱµÄ¹ý³Ì¡£ Òª½«²Ù×÷ÏÞÖÆÔÚij¸ö¾ßÌåµÄƵ¶Î£¬ ¿ÉÒÔʹÓà mode ²ÎÊý£» ÀýÈ磺

wlans_ath0="wlan0"
ifconfig_wlan0="mode 11g ssid your_ssid_here DHCP"

¡¡¡¡¾Í»áÇ¿ÖÆ¿¨Ê¹ÓòÉÓà 2.4GHz µÄ 802.11g£¬ ÕâÑùÔÚɨÃèµÄʱºò£¬ ¾Í²»»á¿¼ÂÇÄÇЩ 5GHz µÄƵ¶ÎÁË¡£ ³ý´ËÖ®Í⣬ »¹¿ÉÒÔͨ¹ý channel ²ÎÊýÀ´½«²Ù×÷Ëø¶¨ÔÚÌØ¶¨ÆµÂÊ£¬ ÒÔ¼°Í¨¹ý chanlist ²ÎÊýÀ´Ö¸¶¨É¨ÃèµÄƵ¶ÎÁÐ±í¡£ ¹ØÓÚÕâЩ²ÎÊýµÄ½øÒ»²½ÐÅÏ¢£¬ ¿ÉÒÔÔÚÁª»úÊÖ²á ifconfig(8) ÖÐÕÒµ½¡£

31.3.3.1.2.2 ÑéÖ¤Éí·Ý

¡¡¡¡Ò»µ©ÄúÑ¡¶¨ÁËÎÞÏß·ÃÎʵ㣬 ÄúµÄͨѶվ¾ÍÐèÒªÍê³ÉÉí·ÝÑéÖ¤£¬ ÒԱ㿪ʼ·¢ËͺͽÓÊÕÊý¾Ý¡£ Éí·ÝÑéÖ¤¿ÉÒÔͨ¹ýÐí¶à·½Ê½½øÐУ¬ ×î³£ÓõÄÒ»ÖÖ·½Ê½³ÆÎª¿ª·ÅʽÑéÖ¤£¬ ËüÔÊÐíÈÎÒâͨѶվ¼ÓÈëÍøÂç²¢Ï໥ͨÐÅ¡£ ÕâÖÖÑéÖ¤·½Ê½Ö»Ó¦ÔÚÄúµÚÒ»´ÎÅäÖÃÎÞÏßÍøÂç½øÐвâÊÔʱʹÓᣠÆäËüµÄÑéÖ¤·½Ê½ÔòÐèÒªÔÚ½øÐÐÊý¾ÝͨѶ֮ǰ£¬ Ê×ÏȽøÐÐÃÜԿЭÉÌÎÕÊÖ£» ÕâЩ·½Ê½ÒªÃ´Ê¹ÓÃÔ¤ÏÈ·Ö·¢µÄÃÜÔ¿»òÃÜÂ룬 ҪôÊÇÓøü¸´ÔÓһЩµÄºǫ́·þÎñ£¬ Èç RADIUS¡£ ¾ø´ó¶àÊýÓû§»áʹÓÃĬÈϵĿª·ÅʽÑéÖ¤£¬ ¶øµÚ¶þ¶àµÄÔòÊÇ WPA-PSK£¬ ËüÒ²³ÆÎª¸öÈË WPA£¬ ÔÚ ÏÂÃæ µÄÕ½ÚÖн«½øÐнéÉÜ¡£

×¢Òâ: Èç¹ûÄúʹÓà Apple® AirPort® Extreme »ùÕ¾×÷ΪÎÞÏß·ÃÎʵ㣬 Ôò¿ÉÄÜÐèҪͬʱÔÚÁ½¶ËÅäÖà WEP ¹²ÏíÃÜÔ¿ÑéÖ¤¡£ Õâ¿ÉÒÔͨ¹ýÔÚ /etc/rc.conf ÎļþÖнøÐÐÉèÖ㬠»òʹÓà wpa_supplicant(8) ³ÌÐòÀ´ÊÖ¹¤Íê³É¡£ Èç¹ûÄúÖ»ÓÐÒ»¸ö AirPort »ùÕ¾£¬ Ôò¿ÉÒÔÓÃÀàËÆÏÂÃæµÄ·½·¨À´ÅäÖãº

wlans_ath0="wlan0"
ifconfig_wlan0="authmode shared wepmode on weptxkey 1 wepkey 01234567 DHCP"

Ò»°ã¶øÑÔ£¬ Ó¦¾¡Á¿±ÜÃâʹÓù²ÏíÃÜÔ¿ÕâÖÖÑéÖ¤·½·¨£¬ ÒòΪËüÒԷdz£ÊÜÏ޵ķ½Ê½Ê¹Óà WEP ÃÜÔ¿£¬ ʹµÃ¹¥»÷ÕßÄܹ»ºÜÈÝÒ×µØÆÆ½âÃÜÔ¿¡£ Èç¹û±ØÐëʹÓà WEP (ÀýÈ磬 ΪÁ˼æÈݾÉʽµÄÉ豸) ×îºÃʹÓà WEP ÅäºÏ open ÑéÖ¤·½Ê½¡£ ¹ØÓÚ WEP µÄ¸ü¶à×ÊÁÏÇë²Î¼û µÚ 31.3.3.1.4 ½Ú¡£

31.3.3.1.2.3 ͨ¹ý DHCP »ñÈ¡ IP µØÖ·

¡¡¡¡ÔÚÄúÑ¡¶¨ÁËÎÞÏß·ÃÎʵ㣬 ²¢ÅäÖÃÁËÑéÖ¤²ÎÊýÖ®ºó£¬ »¹±ØÐë»ñµÃ IP µØÖ·²ÅÄÜÕæÕý¿ªÊ¼Í¨Ñ¶¡£ ¶àÊýʱºò£¬ Äú»áͨ¹ý DHCP À´»ñµÃÎÞÏß IP µØÖ·¡£ Òª´ïµ½Õâ¸öÄ¿µÄ£¬ Ö»Ðè¼òµ¥µØ±à¼­ /etc/rc.conf ²¢ÔÚÅäÖÃÖмÓÈë DHCP£º

wlans_ath0="wlan0"
ifconfig_wlan0="DHCP"

¡¡¡¡ÏÖÔÚÄúÒѾ­Íê³ÉÁËÆôÓÃÎÞÏßÍøÂç½Ó¿ÚµÄÈ«²¿×¼±¸¹¤×÷ÁË£¬ ÏÂÃæµÄ²Ù×÷½«ÆôÓÃËü£º

# /etc/rc.d/netif start

¡¡¡¡Ò»µ©ÍøÂç½Ó¿Ú¿ªÊ¼ÔËÐУ¬ ¾Í¿ÉÒÔʹÓà ifconfig À´²é¿´ÍøÂç½Ó¿Ú ath0 µÄ״̬ÁË£º

# ifconfig wlan0
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether 00:11:95:d5:43:62
        inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
        media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
        status: associated
        ssid dlinkap channel 11 (2462 Mhz 11g) bssid 00:13:46:49:41:76
        country US ecm authmode OPEN privacy OFF txpower 21.5 bmiss 7
        scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7
        roam:rate 5 protmode CTS wme burst

¡¡¡¡ÕâÀïµÄ status: associated ±íʾÄúÒѾ­Á¬½Óµ½ÁËÎÞÏßÍøÂç (ÔÚÕâ¸öÀý×ÓÖУ¬ Õâ¸öÍøÂçµÄÃû×ÖÊÇ dlinkap)¡£ bssid 00:13:46:49:41:76 ÊÇÖ¸ÄúËùÓÃÎÞÏß·ÃÎʵãµÄ MAC µØÖ·£» authmode OPEN ±íʾÄúͨѶµÄÄÚÈݽ«½«²»¼ÓÃÜ¡£

31.3.3.1.2.4 ¾²Ì¬ IP µØÖ·

¡¡¡¡Èç¹ûÎÞ·¨´Óij¸ö DHCP ·þÎñÆ÷»ñµÃ IP µØÖ·£¬ Ôò¿ÉÒÔÅäÖÃÒ»¸ö¾²Ì¬ IP µØÖ·£¬ ·½·¨Êǽ«Ç°ÃæµÄ DHCP ¹Ø¼ü×ÖÌæ»»ÎªµØÖ·ÐÅÏ¢¡£ ÇëÎñ±Ø±£³ÖÆäËûÓÃÓÚÁ¬½ÓÎÞÏß·ÃÎʵãµÄ²ÎÊý£º

wlans_ath0="wlan0"
ifconfig_wlan0="inet 192.168.1.100 netmask 255.255.255.0 ssid your_ssid_here"

31.3.3.1.3 WPA

¡¡¡¡WPA (Wi-Fi ±£»¤·ÃÎÊ) ÊÇÒ»ÖÖÓë 802.11 ÍøÂçÅäºÏʹÓõİ²È«Ð­Ò飬 ÆäÄ¿µÄÊÇÏû³ý WEP ÖÐȱÉÙÉí·ÝÑéÖ¤ÄÜÁ¦µÄÎÊÌ⣬ ÒÔ¼°Ò»Ð©ÆäËüµÄ°²È«Èõµã¡£ WPA ²ÉÓÃÁË 802.1X ÈÏ֤ЭÒ飬 ²¢²ÉÓôӶàÖÖÓë WEP ²»Í¬µÄ¼ÓÃÜËã·¨ÖÐÑ¡ÔñÒ»ÖÖÀ´±£Ö¤Êý¾Ý±£ÃÜÐÔ¡£ WPA Ö§³ÖµÄΨһһÖÖ¼ÓÃÜËã·¨ÊÇ TKIP (ÁÙʱÃÜÔ¿ÍêÕûÐÔЭÒé)£¬ ÕâÊÇÒ»ÖÖ¶Ô WEP Ëù²ÉÓõĻù±¾ RC4 ¼ÓÃÜËã·¨µÄÀ©Õ¹£¬ ³ý´ËÖ®Í⻹ÌṩÁ˶Լì²âµ½µÄÈëÇÖµÄÏìÓ¦»úÖÆ¡£ TKIP ±»Éè¼ÆÓÃÀ´Óë¾ÉʽӲ¼þһͬ¹¤×÷£¬ Ö»ÐèÒª½øÐв¿·ÖÈí¼þÐ޸ģ» ËüÌṩÁËÒ»ÖÖ¸ÄÉÆ°²È«ÐÔµÄÕÛÖÔ·½°¸£¬ µ«ÈÔÓпÉÄÜÊܵ½¹¥»÷¡£ WPA Ò²Ö¸¶¨ÁË AES-CCMP ¼ÓÃÜ×÷Ϊ TKIP µÄÌæ´úÆ·£¬ ÔÚ¿ÉÄÜʱÇãÏòÓÚʹÓÃÕâÖÖ¼ÓÃÜ£» ±í´ïÕâÒ»¹æ·¶µÄ³£ÓÃÊõÓïÊÇ WPA2 (»ò RSN)¡£

¡¡¡¡WPA ¶¨ÒåÁËÑéÖ¤ºÍ¼ÓÃÜЭÒé¡£ Ñé֤ͨ³£ÊÇʹÓÃÁ½ÖÖ·½·¨Ö®Ò»À´Íê³ÉµÄ£º ͨ¹ý 802.1X »òÀàËÆ RADIUS ÕâÑùµÄºó¶ËÑéÖ¤·þÎñ£¬ »òͨ¹ýÔÚͨѶվºÍÎÞÏß·ÃÎʵãÖ®¼äͨ¹ýÊÂÏÈ·Ö·¢µÄÃÜÂëÀ´½øÐÐ×îСÎÕÊÖ¡£ ǰһÖÖͨ³£³Æ×÷ÆóÒµ WPA£¬ ¶øºóÕßͨ³£Ò²½Ð×ö¸öÈË WPA¡£ ÒòΪ¶àÊýÈ˲»»áΪÎÞÏßÍøÂçÅäÖà RADIUS ºó¶Ë·þÎñÆ÷£¬ Òò´Ë WPA-PSK ÊÇÔÚ WPA ÖÐ×îΪ³£¼ûµÄÒ»ÖÖ¡£

¡¡¡¡¶ÔÎÞÏßÁ¬½ÓµÄ¿ØÖƺÍÉí·ÝÑéÖ¤¹¤×÷ (ÃÜԿЭÉÌ»òͨ¹ý·þÎñÆ÷ÑéÖ¤) ÊÇͨ¹ý wpa_supplicant(8) ¹¤¾ßÀ´Íê³ÉµÄ¡£ Õâ¸ö³ÌÐòÔËÐÐʱÐèÒªÒ»¸öÅäÖÃÎļþ£¬ /etc/wpa_supplicant.conf¡£ ¹ØÓÚÕâ¸öÎļþµÄ¸ü¶àÐÅÏ¢£¬ Çë²Î¿¼Áª»úÊÖ²á wpa_supplicant.conf(5)¡£

31.3.3.1.3.1 WPA-PSK

¡¡¡¡WPA-PSK Ò²³Æ×÷ ¸öÈË-WPA£¬ Ëü»ùÓÚÔ¤ÏÈ·Ö·¢µÄÃÜÔ¿ (PSK)£¬ Õâ¸öÃÜÔ¿ÊǸù¾Ý×÷ΪÎÞÏßÍøÂçÉÏʹÓõÄÖ÷ÃÜÔ¿µÄÃÜÂëÉú³ÉµÄ¡£ Õâ±íʾÿ¸öÎÞÏßÓû§¶¼»áʹÓÃͬÑùµÄÃÜÔ¿¡£ WPA-PSK Ö÷ÒªÓÃÓÚСÐÍÍøÂ磬 ÔÚÕâÖÖÍøÂçÖУ¬ ͨ³£²»ÐèÒª»òûÓа취¼ÜÉèÑéÖ¤·þÎñÆ÷¡£

¾¯¸æ: ÎÞÂÛºÎʱ£¬ ¶¼Ó¦Ê¹ÓÃ×ã¹»³¤£¬ ÇÒ°üÀ¨¾¡¿ÉÄܶà×ÖĸºÍÊý×ÖµÄÇ¿¿ÚÁ ÒÔÃâ±»²Â³öºÍ/»ò¹¥»÷¡£

¡¡¡¡µÚÒ»²½ÊÇÐÞ¸ÄÅäÖÃÎļþ /etc/wpa_supplicant.conf£¬ ²¢ÔÚÆäÖмÓÈëÔÚÄúÍøÂçÉÏʹÓÃµÄ SSID ºÍÊÂÏÈ·Ö·¢µÄÃÜÔ¿£º

network={
  ssid="freebsdap"
  psk="freebsdmall"
}

¡¡¡¡½ÓÏÂÀ´£¬ ÔÚ /etc/rc.conf ÖУ¬ ÎÒÃǽ«Ö¸¶¨ÎÞÏßÉ豸µÄÅäÖ㬠ÁîÆä²ÉÓà WPA£¬ ²¢Í¨¹ý DHCP À´»ñÈ¡ IP µØÖ·£º

wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"

¡¡¡¡ÏÂÃæ£¬ ÆôÓÃÎÞÏßÍøÂç½Ó¿Ú£º

# /etc/rc.d/netif start
Starting wpa_supplicant.
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 5
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 6
DHCPOFFER from 192.168.0.1
DHCPREQUEST on wlan0 to 255.255.255.255 port 67
DHCPACK from 192.168.0.1
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL

¡¡¡¡³ý´ËÖ®Í⣬ ÄúÒ²¿ÉÒÔÊÖ¶¯µØÊ¹Óà above ÖÐÄÇ·Ý /etc/wpa_supplicant.conf À´ÅäÖ㬠·½·¨ÊÇÖ´ÐУº

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
Trying to associate with 00:11:95:c3:0d:ac (SSID='freebsdap' freq=2412 MHz)
Associated with 00:11:95:c3:0d:ac
WPA: Key negotiation completed with 00:11:95:c3:0d:ac [PTK=CCMP GTK=CCMP]
CTRL-EVENT-CONNECTED - Connection to 00:11:95:c3:0d:ac completed (auth) [id=0 id_str=]

¡¡¡¡½ÓÏÂÀ´µÄ²Ù×÷£¬ ÊÇÔËÐÐ dhclient ÃüÁîÀ´´Ó DHCP ·þÎñÆ÷»ñÈ¡ IP£º

# dhclient wlan0
DHCPREQUEST on wlan0 to 255.255.255.255 port 67
DHCPACK from 192.168.0.1
bound to 192.168.0.254 -- renewal in 300 seconds.
# ifconfig wlan0
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL

×¢Òâ: Èç¹û /etc/rc.conf µÄÅäÖÃÖУ¬ ʹÓÃÁË ifconfig_wlan0="DHCP"£¬ ¾Í²»ÐèÒªÊÖ¹¤ÔËÐÐ dhclient ÃüÁîÁË£¬ ÒòΪ dhclient ½«ÔÚ wpa_supplicant ̽²âµ½ÃÜÔ¿Ö®ºóÖ´ÐС£

¡¡¡¡ÔÚÕâ¸öÀý×ÓÖУ¬ DHCP ²¢²»¿ÉÓ㬠Äú¿ÉÒÔÔÚ wpa_supplicant ΪͨѶվÍê³ÉÁËÉí·ÝÈÏÖ¤Ö®ºó£¬ Ö¸¶¨¾²Ì¬ IP µØÖ·£º

# ifconfig wlan0 inet 192.168.0.100 netmask 255.255.255.0
# ifconfig wlan0
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL

¡¡¡¡Èç¹ûûÓÐʹÓà DHCP£¬ »¹ÐèÒªÊÖ¹¤ÅäÖÃĬÈÏÍø¹Ø£¬ ÒÔ¼°ÓòÃû·þÎñÆ÷£º

# route add default your_default_router
# echo "nameserver your_DNS_server" >> /etc/resolv.conf
31.3.3.1.3.2 ʹÓà EAP-TLS µÄ WPA

¡¡¡¡Ê¹Óà WPA µÄµÚ¶þÖÖ·½Ê½ÊÇʹÓà 802.1X ºó¶ËÑéÖ¤·þÎñÆ÷£¬ ÔÚÕâ¸öÀý×ÓÖУ¬ WPA Ò²³Æ×÷ ÆóÒµ-WPA£¬ ÒÔ±ãÓ밲ȫÐԽϲ ²ÉÓÃÊÂÏÈ·Ö·¢ÃÜÔ¿µÄ ¸öÈË-WPA Çø·Ö¿ªÀ´¡£ ÔÚ ÆóÒµ-WPA ÖУ¬ ÑéÖ¤²Ù×÷ÊDzÉÓà EAP Íê³ÉµÄ (¿ÉÀ©Õ¹ÈÏ֤ЭÒé)¡£

¡¡¡¡EAP ²¢Î´¸½´ø¼ÓÃÜ·½·¨£¬ Òò´ËÉè¼ÆÕß¾ö¶¨½« EAP ·ÅÔÚ¼ÓÃÜÐŵÀÖнøÐд«ËÍ¡£ Ϊ´ËÉè¼ÆÁËÐí¶à EAP ÑéÖ¤·½·¨£¬ ×î³£Óõķ½·¨ÊÇ EAP-TLS¡¢ EAP-TTLS ºÍ EAP-PEAP¡£

¡¡¡¡EAP-TLS (´ø ´«Êä²ã°²È« µÄ EAP) ÊÇÒ»ÖÖÔÚÎÞÏßÊÀ½çÖеõ½Á˹㷺֧³ÖµÄÑé֤ЭÒ飬 ÒòΪËüÊÇ Wi-Fi ÁªÃË ºË×¼µÄµÚÒ»¸ö EAP ·½·¨¡£ EAP-TLS ÐèҪʹÓÃÈý¸öÖ¤Ê飺 CA Ö¤Êé (ÔÚËùÓмÆËã»úÉϰ²×°)¡¢ ÓÃÒÔÏòÄúÖ¤Ã÷·þÎñÆ÷Éí·ÝµÄ·þÎñÆ÷Ö¤Ê飬 ÒÔ¼°Ã¿¸öÎÞÏ߿ͻ§¶ËÓÃÓÚÖ¤Ã÷Éí·ÝµÄ¿Í»§»úÖ¤Êé¡£ ÔÚÕâÖÖ EAP ·½Ê½ÖУ¬ ÑéÖ¤·þÎñÆ÷ºÍÎÞÏ߿ͻ§¶Ë¾ùͨ¹ý×Ô¼ºµÄÖ¤ÊéÏò¶Ô·½Ö¤Ã÷Éí·Ý£¬ ËüÃǾùÑéÖ¤¶Ô·½µÄÖ¤ÊéÊDZ¾»ú¹¹µÄÖ¤Êé·¢Ö¤»ú¹¹ (CA) Ç©·¢µÄ¡£

¡¡¡¡Óë֮ǰ½éÉܵķ½·¨ÀàËÆ£¬ ÅäÖÃÒ²ÊÇͨ¹ý /etc/wpa_supplicant.conf À´Íê³ÉµÄ£º

network={
  ssid="freebsdap" (1)
  proto=RSN  (2)
  key_mgmt=WPA-EAP (3)
  eap=TLS (4)
  identity="loader" (5)
  ca_cert="/etc/certs/cacert.pem" (6)
  client_cert="/etc/certs/clientcert.pem" (7)
  private_key="/etc/certs/clientkey.pem" (8)
  private_key_passwd="freebsdmallclient" (9)
}
(1)
Õâ¸ö×ֶαíÊ¾ÍøÂçÃû (SSID)¡£
(2)
ÕâÀ ÎÒÃÇʹÓà RSN (IEEE 802.11i) ЭÒ飬 Ò²¾ÍÊÇ WPA2¡£
(3)
key_mgmt ÕâÐбíʾËùÓõÄÃÜÔ¿¹ÜÀíЭÒé¡£ ÔÚÎÒÃǵÄÀý×ÓÖУ¬ ËüÊÇʹÓà EAP ÑéÖ¤µÄ WPA£º WPA-EAP¡£
(4)
Õâ¸ö×Ö¶ÎÖУ¬ Ìáµ½ÁËÎÒÃǵÄÁ¬½Ó²ÉÓà EAP ·½Ê½¡£
(5)
identity ×ֶΰüº¬ÁË EAP µÄʵÌå´®¡£
(6)
ca_cert ×ֶθø³öÁË CA Ö¤ÊéÎļþµÄ·¾¶Ãû¡£ ÔÚÑéÖ¤·þÎñÆ÷Ö¤Êéʱ£¬ Õâ¸öÎļþÊDZØÐèµÄ¡£
(7)
client_cert ÕâÐиø³öÁ˿ͻ§»úÖ¤ÊéµÄ·¾¶Ãû¡£ ¶Ôÿ¸öÎÞÏ߿ͻ§¶Ë¶øÑÔ£¬ Õâ¸öÖ¤Êé¶¼ÊÇÔÚÈ«Íø·¶Î§ÄÚΨһµÄ¡£
(8)
private_key ×Ö¶ÎÊǿͻ§»úÖ¤Êé˽ԿÎļþµÄ·¾¶Ãû¡£
(9)
private_key_passwd ×Ö¶ÎÊÇ˽ԿµÄ¿ÚÁî×Ö¡£

¡¡¡¡½Ó×Å£¬ °ÑÏÂÃæµÄÅäÖÃдÈë /etc/rc.conf£º

wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"

¡¡¡¡ÏÂÒ»²½ÊÇʹÓà rc.d »úÖÆÀ´ÆôÓÃÍøÂç½Ó¿Ú£º

# /etc/rc.d/netif start
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL

¡¡¡¡ÈçÇ°ÃæÌáµ½µÄÄÇÑù£¬ Ò²¿ÉÒÔÊÖ¹¤Í¨¹ý wpa_supplicant ºÍ ifconfig ÃüÁî´ïµ½ÀàËÆµÄÄ¿µÄ¡£

31.3.3.1.3.3 ʹÓà EAP-TTLS µÄ WPA

¡¡¡¡ÔÚʹÓà EAP-TLS ʱ£¬ ²ÎÓëÑéÖ¤¹ý³ÌµÄ·þÎñÆ÷ºÍ¿Í»§»ú¶¼ÐèÒªÖ¤Ê飬 ¶øÔÚʹÓà EAP-TTLS (´ø´«Êä²ã°²È«ËíµÀµÄ EAP) ʱ£¬ ¿Í»§»úÖ¤ÊéÔòÊÇ¿ÉÑ¡µÄ¡£ ÕâÖÖ·½Ê½ÓëijЩ°²È« web Õ¾µã¸üΪ½Ó½ü£¬ ¼´Ê¹·ÃÎÊÕßûÓпͻ§¶ËÖ¤Ê飬 ÕâЩ web ·þÎñÆ÷Ò²Äܽ¨Á¢°²È«µÄ SSL ËíµÀ¡£ EAP-TTLS »áʹÓüÓÃÜµÄ TLS ËíµÀÀ´´«ËÍÑéÖ¤ÐÅÏ¢¡£

¡¡¡¡¶ÔÓÚËüµÄÅäÖ㬠ͬÑùÊÇͨ¹ý /etc/wpa_supplicant.conf ÎļþÀ´½øÐеģº

network={
  ssid="freebsdap"
  proto=RSN
  key_mgmt=WPA-EAP
  eap=TTLS (1)
  identity="test" (2)
  password="test" (3)
  ca_cert="/etc/certs/cacert.pem" (4)
  phase2="auth=MD5" (5)
}
(1)
Õâ¸ö×Ö¶ÎÊÇÎÒÃǵÄÁ¬½ÓËù²ÉÓÃµÄ EAP ·½Ê½¡£
(2)
identity ×Ö¶ÎÖÐÊÇÔÚ¼ÓÃÜ TLS ËíµÀÖÐÓÃÓÚ EAP ÑéÖ¤µÄÉí·Ý´®¡£
(3)
password ×Ö¶ÎÖÐÊÇÓÃÓÚ EAP ÑéÖ¤µÄ¿ÚÁî×Ö¡£
(4)
ca_cert ×ֶθø³öÁË CA Ö¤ÊéÎļþµÄ·¾¶Ãû¡£ ÔÚÑéÖ¤·þÎñÆ÷Ö¤Êéʱ£¬ Õâ¸öÎļþÊDZØÐèµÄ¡£
(5)
Õâ¸ö×Ö¶ÎÖиø³öÁ˼ÓÃÜ TLS ËíµÀÖÐʹÓõÄÑéÖ¤·½Ê½¡£ ÔÚÕâ¸öÀý×ÓÖУ¬ ÎÒÃÇʹÓõÄÊÇ´ø MD5-¼ÓÃÜ¿ÚÁî µÄ EAP¡£ ¡°inner authentication¡± (Òë×¢£ºÄÚ²¿¼ø¶¨) ͨ³£Ò²½Ð ¡°phase2¡±¡£

¡¡¡¡Äú»¹±ØÐë°ÑÏÂÃæµÄÅäÖÃдÈë /etc/rc.conf£º

wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"

¡¡¡¡ÏÂÒ»²½ÊÇÆôÓÃÍøÂç½Ó¿Ú£º

# /etc/rc.d/netif start
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL
31.3.3.1.3.4 ʹÓà EAP-PEAP µÄ WPA

¡¡¡¡PEAP (Êܱ£»¤µÄ EAP) ±»Éè¼ÆÓÃÒÔÌæ´ú EAP-TTLS¡£ ÓÐÁ½ÖÖÀàÐ굀 PEAP ·½·¨£¬ ×î³£ÓõÄÊÇ PEAPv0/EAP-MSCHAPv2¡£ ÔÚÕâÆªÎĵµÓàϵIJ¿·ÖÖУ¬ ÊõÓï PEAP ÊÇÖ¸ÕâÖÖ EAP ·½·¨¡£ PEAP ÊÇÔÚ EAP-TLS Ö®ºó×îΪ³£ÓÃµÄ EAP ±ê×¼£¬ »»ÑÔÖ®£¬ Èç¹ûÄúµÄÍøÂçÖÐÓжàÖÖ²»Í¬µÄ²Ù×÷ϵͳ£¬ PEAP ½«Êǽö´ÎÓÚ EAP-TLS µÄÖ§³Ö×î¹ãµÄ±ê×¼¡£

¡¡¡¡PEAP Óë EAP-TTLS ºÜÏñ£º ËüʹÓ÷þÎñÆ÷¶ËÖ¤Ê飬 ͨ¹ýÔÚ¿Í»§¶ËÓëÑéÖ¤·þÎñÆ÷Ö®¼ä½¨Á¢¼ÓÃÜµÄ TLS ËíµÀÀ´ÏòÓû§ÑéÖ¤Éí·Ý£¬ Õâ±£»¤ÁËÑéÖ¤ÐÅÏ¢µÄ½»»»¹ý³Ì¡£ ÔÚ°²È«·½Ã棬 EAP-TTLS Óë PEAP µÄÇø±ðÊÇ PEAP »áÒÔÃ÷ÎĹ㲥Óû§Ãû£¬ Ö»ÓпÚÁîÊÇͨ¹ý¼ÓÃÜ TLS ËíµÀ´«Ë͵ġ£ ¶ø EAP-TTLS ÔÚ´«ËÍÓû§ÃûºÍ¿ÚÁîʱ£¬ ¶¼Ê¹Óà TLS ËíµÀ¡£

¡¡¡¡ÎÒÃÇÐèÒª±à¼­ /etc/wpa_supplicant.conf Îļþ£¬ ²¢¼ÓÈëÓë EAP-PEAP ÓйصÄÅäÖãº

network={
  ssid="freebsdap"
  proto=RSN
  key_mgmt=WPA-EAP
  eap=PEAP (1)
  identity="test" (2)
  password="test" (3)
  ca_cert="/etc/certs/cacert.pem" (4)
  phase1="peaplabel=0" (5)
  phase2="auth=MSCHAPV2" (6)
}
(1)
Õâ¸ö×ֶεÄÄÚÈÝÊÇÓÃÓÚÁ¬½ÓµÄ EAP ·½Ê½¡£
(2)
identity ×Ö¶ÎÖÐÊÇÔÚ¼ÓÃÜ TLS ËíµÀÖÐÓÃÓÚ EAP ÑéÖ¤µÄÉí·Ý´®¡£
(3)
password ×Ö¶ÎÖÐÊÇÓÃÓÚ EAP ÑéÖ¤µÄ¿ÚÁî×Ö¡£
(4)
ca_cert ×ֶθø³öÁË CA Ö¤ÊéÎļþµÄ·¾¶Ãû¡£ ÔÚÑéÖ¤·þÎñÆ÷Ö¤Êéʱ£¬ Õâ¸öÎļþÊDZØÐèµÄ¡£
(5)
Õâ¸ö×ֶΰüº¬Á˵ÚÒ»½×¶ÎÑéÖ¤ (TLS ËíµÀ) µÄ²ÎÊý¡£ ËæÄúʹÓõÄÑéÖ¤·þÎñÆ÷µÄ²»Í¬£¬ ÄúÐèÒªÖ¸¶¨ÑéÖ¤µÄ±êÇ©¡£ ¶àÊýʱºò£¬ ±êǩӦ¸ÃÊÇ ¡°¿Í»§¶Ë EAP ¼ÓÃÜ¡±£¬ Õâ¿ÉÒÔͨ¹ýʹÓà peaplabel=0 À´Ö¸¶¨¡£ ¸ü¶àÐÅÏ¢¿ÉÒÔÔÚÁª»úÊÖ²á wpa_supplicant.conf(5) ÖÐÕÒµ½¡£
(6)
Õâ¸ö×ֶεÄÄÚÈÝÊÇÑé֤ЭÒéÔÚ¼ÓÃÜµÄ TLS ËíµÀÖÐʹÓõÄÐÅÏ¢¡£ ¶Ô PEAP ¶øÑÔ£¬ ÕâÊÇ auth=MSCHAPV2¡£

¡¡¡¡Äú»¹±ØÐë°ÑÏÂÃæµÄÅäÖüÓÈëµ½ /etc/rc.conf£º

wlans_ath0="wlan0"
ifconfig_wlan0="WPA DHCP"

¡¡¡¡ÏÂÒ»²½ÊÇÆôÓÃÍøÂç½Ó¿Ú£º

# /etc/rc.d/netif start
Starting wpa_supplicant.
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 7
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 15
DHCPREQUEST on wlan0 to 255.255.255.255 port 67 interval 21
DHCPACK from 192.168.0.20
bound to 192.168.0.254 -- renewal in 300 seconds.
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
      ether 00:11:95:d5:43:62
      inet 192.168.0.254 netmask 0xffffff00 broadcast 192.168.0.255
      media: IEEE 802.11 Wireless Ethernet DS/11Mbps mode 11g
      status: associated
      ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
      country US ecm authmode WPA2/802.11i privacy ON deftxkey UNDEF
      AES-CCM 3:128-bit txpower 21.5 bmiss 7 scanvalid 450 bgscan
      bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS
      wme burst roaming MANUAL

31.3.3.1.4 WEP

¡¡¡¡WEP (ÓÐÏßµÈЧЭÒé) ÊÇ×î³õ 802.11 ±ê×¼µÄÒ»²¿·Ö¡£ ÆäÖÐûÓÐÌṩÉí·ÝÑéÖ¤»úÖÆ£¬ Ö»ÌṩÁËÈõ·ÃÎÊ¿ØÖÆ£¬ ¶øÇÒºÜÈÝÒ×ÆÆ½â¡£

¡¡¡¡WEP ¿ÉÒÔͨ¹ý ifconfig ÅäÖãº

# ifconfig wlan0 create wlandev ath0
# ifconfig wlan0 inet 192.168.1.100 netmask 255.255.255.0 \
            ssid my_net wepmode on weptxkey 3 wepkey 3:0x3456789012
  • weptxkey Ö¸Ã÷ÁËʹÓÃÄĸö WEP ÃÜÔ¿À´½øÐÐÊý¾Ý´«Êä¡£ ÕâÀïÎÒÃÇʹÓõÚÈý¸öÃÜÔ¿¡£ Ëü±ØÐëÓëÎÞÏß½ÓÈëµãµÄÅäÖÃÒ»Ö¡£ Èç¹ûÄã²»Çå³þÄãµÄÎÞÏß½ÓÈëµã£¬ ÄãÓ¦¸Ã³¢ÊÔÓà 1 £¨¾ÍÊÇ˵µÚÒ»¸öÃÜÔ¿£©À´ÉèÖÃÕâ¸ö±äÁ¿¡£

  • wepkey ±íʾÉèÖÃËùÑ¡µÄ WEP ÃÜÔ¿¡£ Æä¸ñʽӦΪ index:key£¬ Èç¹ûûÓиø³ö index Öµ£¬ ÔòĬÈÏΪ 1¡£ Òò´Ë£¬ Èç¹ûÐèÒªÉèÖõÄÃÜÔ¿²»ÊǵÚÒ»¸ö£¬ ¾Í±ØÐèÖ¸¶¨ index ÁË¡£

    ×¢Òâ: ÄúÐèÒª½« 0x3456789012 ¸ÄΪÔÚÎÞÏß½ÓÈëµãÉÏÅäÖõÄÄǸö¡£

¡¡¡¡ÎÒÃǽ¨ÒéÄúÔĶÁÁª»úÊÖ²á ifconfig(8) À´ÁË½â½øÒ»²½µÄÐÅÏ¢¡£

¡¡¡¡wpa_supplicant »úÖÆÒ²¿ÉÒÔÓÃÀ´ÅäÖÃÄúµÄÎÞÏßÍø¿¨Ê¹Óà WEP¡£ Ç°ÃæµÄÀý×ÓÒ²¿ÉÒÔͨ¹ýÔÚ /etc/wpa_supplicant.conf ÖмÓÈëÏÂÊöÉèÖÃÀ´ÊµÏÖ£º

network={
  ssid="my_net"
  key_mgmt=NONE
  wep_key3=3456789012
  wep_tx_keyidx=3
}

¡¡¡¡½Ó×Å£º

# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
Trying to associate with 00:13:46:49:41:76 (SSID='dlinkap' freq=2437 MHz)
Associated with 00:13:46:49:41:76

31.3.4 Ad-hoc ģʽ

¡¡¡¡IBSS ģʽ£¬ Ò²³ÆÎª ad-hoc ģʽ£¬ ÊÇΪµã¶ÔµãÁ¬½ÓÉè¼ÆµÄ¡£ ÀýÈ磬 Èç¹ûÏ£ÍûÔÚ¼ÆËã»ú A ºÍ B Ö®¼ä½¨Á¢ ad-hoc ÍøÂ磬 ÎÒÃÇÖ»ÐèÑ¡ÔñÁ½¸ö IP µØÖ·ºÍÒ»¸ö SSID ¾Í¿ÉÒÔÁË¡£

¡¡¡¡ÔÚ¼ÆËã»ú A ÉÏ£º

# ifconfig wlan0 create wlandev ath0 wlanmode adhoc
# ifconfig wlan0 inet 192.168.0.1 netmask 255.255.255.0 ssid freebsdap
# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          ether 00:11:95:c3:0d:ac
          inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
          media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <adhoc>
          status: running
          ssid freebsdap channel 2 (2417 Mhz 11g) bssid 02:11:95:c3:0d:ac
          country US ecm authmode OPEN privacy OFF txpower 21.5 scanvalid 60
          protmode CTS wme burst

¡¡¡¡´Ë´¦µÄ adhoc ²ÎÊý±íʾÎÞÏßÍøÂç½Ó¿ÚÓ¦ÒÔ IBSS ģʽÔËת¡£

¡¡¡¡´Ëʱ£¬ ÔÚ B ÉÏÓ¦¸ÃÄܹ»¼ì²âµ½ A µÄ´æÔÚÁË£º

# ifconfig wlan0 create wlandev ath0 wlanmode adhoc
# ifconfig wlan0 up scan
  SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS
  freebsdap       02:11:95:c3:0d:ac    2   54M -64:-96  100 IS   WME

¡¡¡¡ÔÚÊä³öÖÐµÄ I ÔÙ´ÎÈ·ÈÏÁË A »úÊÇÒÔ ad-hoc ģʽÔËÐеġ£ ÎÒÃÇÖ»Ðè¸ø B ÅäÖÃÒ»²»Í¬µÄ IP µØÖ·£º

# ifconfig wlan0 inet 192.168.0.2 netmask 255.255.255.0 ssid freebsdap
# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          ether 00:11:95:d5:43:62
          inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
          media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <adhoc>
          status: running
          ssid freebsdap channel 2 (2417 Mhz 11g) bssid 02:11:95:c3:0d:ac
          country US ecm authmode OPEN privacy OFF txpower 21.5 scanvalid 60
          protmode CTS wme burst

¡¡¡¡ÕâÑù£¬ A ºÍ B ¾Í¿ÉÒÔ½»»»ÐÅÏ¢ÁË¡£

31.3.5 FreeBSD »ùÓÚÖ÷»úµÄ£¨ÎÞÏߣ©·ÃÎʽÓÈëµã

¡¡¡¡FreeBSD ¿ÉÒÔ×÷Ϊһ¸ö£¨ÎÞÏߣ©·ÃÎʽÓÈëµã£¨AP£©£¬ ÕâÑù¿ÉÒÔ²»±ØÔÙÈ¥ÂòÒ»¸öÓ²¼þ AP »òÕßʹÓà ad-hoc ģʽµÄÍøÂç¡£ µ±ÄãµÄ FreeBSD »úÆ÷×÷ÎªÍø¹ØÁ¬½Óµ½ÁíÍâÒ»¸öÍøÂçµÄʱºò½«·Ç³£ÓÐÓá£

31.3.5.1 »ù±¾ÅäÖÃ

¡¡¡¡ÔÚ°ÑÄãµÄ FreeBSD »úÆ÷ÅäÖóÉÒ»¸ö AP ÒÔǰ£¬ ÄãÊ×ÏÈÐèÒªÏÈÔÚÄÚºËÅäÖúöÔÄãµÄÎÞÏßÍø¿¨µÄÎÞÏßÍøÂçÖ§³Ö¡£ µ±È»Ä㻹ÐèÒª¼ÓÉÏÄãÏëÓõİ²È«Ð­Òé¡£Ïë»ñµÃ¸üÏêϸµÄÐÅÏ¢£¬ Çë²ÎÔÄ µÚ 31.3.2 ½Ú¡£

×¢Òâ: Ŀǰ»¹²»Ö§³ÖʹÓà Windows Çý¶¯ºÍ NDIS Çý¶¯°ü×°µÄÍø¿¨×öΪ AP ʹÓá£Ö»ÓÐ FreeBSD Ô­ÉúµÄÎÞÏßÇý¶¯Äܹ»Ö§³Ö AP ģʽ¡£

¡¡¡¡Ò»µ©×°ÔØÁËÎÞÏßÍøÂçµÄÖ§³Ö£¬ Äã¾Í¿ÉÒÔ¼ì²éһϿ´¿´ÄãµÄÎÞÏßÉ豸ÊÇ·ñÖ§³Ö»ùÓÚÖ÷»úµÄÎÞÏß·ÃÎʽÓÈëģʽ £¨Í¨³£Ò²±»³ÆÎª hostap ģʽ£©£º

# ifconfig wlan0 create wlandev ath0
# ifconfig wlan0 list caps
drivercaps=6f85edc1<STA,FF,TURBOP,IBSS,HOSTAP,AHDEMO,TXPMGT,SHSLOT,SHPREAMBLE,MONITOR,MBSS,WPA1,WPA2,BURST,WME,WDS,BGSCAN,TXFRAG>
cryptocaps=1f<WEP,TKIP,AES,AES_CCM,TKIPMIC>

¡¡¡¡Õâ¶ÎÊä³öÏÔʾÁËÍø¿¨ËùÖ§³ÖµÄ¸÷ÖÖ¹¦ÄÜ£» ÆäÖеĹؼü×Ö HOSTAP ±íʾÕâ¿éÍø¿¨¿ÉÒÔ×÷ΪÎÞÏßÍøÂç½ÓÈëµãÀ´Ê¹Óᣠ´ËÍ⣬ ÕâÀﻹ»á¸ø³öËùÖ§³ÖµÄ¼ÓÃÜËã·¨£º WEP¡¢ TKIP¡¢ AES£¬ µÈµÈ£¬ ÕâЩÐÅÏ¢¶ÔÓÚÖªµÀÔÚ·ÃÎʽÓÈëµãÉÏʹÓúÎÖÖ°²È«Ð­Òé·Ç³£ÖØÒª¡£

¡¡¡¡Ö»Óд´½¨ÍøÂçαÉ豸ʱÄܹ»ÅäÖÃÎÞÏßÉ豸ÊÇ·ñÒÔ hostap ģʽÔËÐУ¬ Èç¹û֮ǰÒѾ­´æÔÚÁËÏàÓ¦µÄÉ豸£¬ ÔòÐèÒªÊ×ÏȽ«ÆäÏú»Ù£º

# ifconfig wlan0 destroy

¡¡¡¡½Ó×Å£¬ ÔÚÅäÖÃÆäËü²ÎÊýǰ£¬ ÒÔÕýÈ·µÄÑ¡ÏîÖØÐÂÉú³ÉÉ豸£º

# ifconfig wlan0 create wlandev ath0 wlanmode hostap
# ifconfig wlan0 inet 192.168.0.1 netmask 255.255.255.0 ssid freebsdap mode 11g channel 1

¡¡¡¡ÔÙ´ÎʹÓà ifconfig ¼ì²é wlan0 ÍøÂç½Ó¿ÚµÄ״̬£º

# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          ether 00:11:95:c3:0d:ac
          inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
          media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
          status: running
          ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
          country US ecm authmode OPEN privacy OFF txpower 21.5 scanvalid 60
          protmode CTS wme burst dtimperiod 1 -dfs

¡¡¡¡hostap ²ÎÊýÖ¸¶¨Á˽ӿÚÒÔÖ÷»ú½ÓÈëµãµÄ·½Ê½ÔËÐС£

¡¡¡¡Í¨¹ýÔÚ /etc/rc.conf ÖмÓÈëÏÂÃæµÄÅäÖ㬠Ҳ¿ÉÒÔÔÚϵͳÒýµ¼µÄ¹ý³ÌÖÐ×Ô¶¯Íê³É¶ÔÓÚÍøÂç½Ó¿ÚµÄÅäÖãº

wlans_ath0="wlan0"
create_args_wlan0="wlanmode hostap"
ifconfig_wlan0="inet 192.168.0.1 netmask 255.255.255.0 ssid freebsdap mode 11g channel 1"

31.3.5.2 ²»Ê¹ÓÃÈÏÖ¤»ò¼ÓÃܵģ¨ÎÞÏߣ©·ÃÎʽÓÈëµã

¡¡¡¡¾¡¹ÜÎÒÃDz»ÍƼöÔËÐÐÒ»¸ö²»Ê¹ÓÃÈκÎÈÏÖ¤»ò¼ÓÃÜµÄ AP£¬ µ«ÕâÊÇÒ»¸ö·Ç³£¼òµ¥µÄ¼ì²â AP ÊÇ·ñÕý³£¹¤×÷µÄ·½·¨¡£ ÕâÑùÅäÖöÔÓÚµ÷ÊÔ¿Í»§¶ËÎÊÌâÒ²·Ç³£ÖØÒª¡£

¡¡¡¡Ò»µ© AP ±»ÅäÖóÉÁËÎÒÃÇÇ°ÃæËùչʾµÄÄÇÑù£¬ ¾Í¿ÉÒÔÔÚÁíÍâһ̨ÎÞÏß»úÆ÷Éϳõʼ»¯Ò»´ÎɨÃèÀ´ÕÒµ½Õâ¸ö AP£º

# ifconfig wlan0 create wlandev ath0
# ifconfig wlan0 up scan
SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS
freebsdap       00:11:95:c3:0d:ac    1   54M -66:-96  100 ES   WME

¡¡¡¡ÔÚ¿Í»§»úÉÏÄÜ¿´µ½ÒѾ­Á¬½ÓÉÏÁË£¨ÎÞÏߣ©·ÃÎʽÓÈëµã£º

# ifconfig wlan0 inet 192.168.0.2 netmask 255.255.255.0 ssid freebsdap
# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          ether 00:11:95:d5:43:62
          inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
          media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
          status: associated
          ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
          country US ecm authmode OPEN privacy OFF txpower 21.5 bmiss 7
          scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7
          roam:rate 5 protmode CTS wme burst

31.3.5.3 ʹÓà WPA µÄ£¨ÎÞÏߣ©·ÃÎʽÓÈëµã

¡¡¡¡ÕâÒ»¶Î½«×¢ÖؽéÉÜÔÚ FreeBSD £¨ÎÞÏߣ©·ÃÎʽÓÈëµãÉÏÅäÖÃʹÓà WPA °²È«Ð­Òé¡£ ¸ü¶àÓÐ¹Ø WPA ºÍÅäÖûùÓÚ WPA ÎÞÏ߿ͻ§¶ËµÄϸ½Ú Çë²ÎÔÄ µÚ 31.3.3.1.3 ½Ú¡£

¡¡¡¡hostapd ÊØ»¤½ø³Ì½«±»ÓÃÓÚ´¦ÀíÓë¿Í»§¶ËµÄÈÏÖ¤ºÍÔÚÆôÓà WPA £¨ÎÞÏߣ©·ÃÎʽÓÈëµãÉϵÄÃÜÔ¿¹ÜÀí¡£

¡¡¡¡½ÓÏÂÀ´£¬ËùÓеÄÅäÖòÙ×÷¶¼½«ÔÚ×÷Ϊ AP µÄ FreeBSD »úÆ÷ÉÏÍê³É¡£ Ò»µ© AP Äܹ»ÕýÈ·µÄ¹¤×÷ÁË£¬±ã°ÑÈçÏÂÕâÐмÓÈë /etc/rc.conf ʹµÃ hostapd ÄÜÔÚ»úÆ÷Æô¶¯µÄʱºò×Ô¶¯ÔËÐУº

hostapd_enable="YES"

¡¡¡¡ÔÚÅäÖà hostapd ÒÔǰ£¬ ÇëÈ·±£ÄãÒѾ­Íê³ÉÁË»ù±¾ÅäÖÃÖÐËù½éÉܵIJ½Öè µÚ 31.3.5.1 ½Ú¡£

31.3.5.3.1 WPA-PSK

¡¡¡¡WPA-PSK Ö¼ÔÚΪûÓÐÈÏÖ¤·þÎñÆ÷µÄСÐÍÍøÂç¶øÉè¼ÆµÄ¡£

¡¡¡¡ÅäÖÃÎļþΪ /etc/hostapd.conf file£º

interface=wlan0 (1)
debug=1 (2)
ctrl_interface=/var/run/hostapd (3)
ctrl_interface_group=wheel (4)
ssid=freebsdap (5)
wpa=1 (6)
wpa_passphrase=freebsdmall (7)
wpa_key_mgmt=WPA-PSK (8)
wpa_pairwise=CCMP TKIP (9)
(1)
ÕâÒ»Ïî±êÃ÷ÁË·ÃÎʽÓÈëµãËùʹÓõÄÎÞÏß½Ó¿Ú¡£
(2)
ÕâÒ»ÏîÉèÖÃÁËÖ´ÐÐ hostapd ʱºòÏÔʾÏà¹ØÐÅÏ¢µÄÏêϸ³Ì¶È¡£ 1 ±íʾ×îСµÄ¼¶±ð¡£
(3)
ctrl_interface ÕâÏî¸ø³öÁË hostapd ´æ´¢ÓëÆäËûÍⲿ³ÌÐò£¨±ÈÈç hostapd_cli(8)) ͨÐŵÄÓòÌ×½Ó¿ÚÎļþ·¾¶¡£ÕâÀïʹÓÃÁËĬÈÏÖµ¡£
(4)
ctrl_interface_group ÕâÐÐÉèÖÃÁËÔÊÐí·ÃÎÊ¿ØÖƽçÃæÎļþµÄ×éÊôÐÔ £¨ÕâÀïÎÒÃÇʹÓÃÁË wheel ×飩¡£
(5)
ÕâÒ»ÏîÊÇÉèÖÃÍøÂçµÄÃû³Æ¡£
(6)
wpa ÕâÏî±íʾÆôÓÃÁË WPA ¶øÇÒÖ¸Ã÷ҪʹÓúÎÖÖ WPA ÈÏ֤ЭÒé¡£ Öµ 1 ±íʾ AP ½«Ê¹Óà WPA-PSK¡£
(7)
wpa_passphrase ÕâÏî°üº¬ÓÃÓÚ WPA ÈÏÖ¤µÄ ASCII ÃÜÂë¡£

¾¯¸æ: ͨ³£Ê¹ÓôӷḻµÄ×Öĸ±íÉú³É×ã¹»³¤¶ÈµÄǿ׳ÃÜÂ룬 ÒÔ²»ÖÁÓÚ±»ÇáÒ׵IJ²â»ò¹¥»÷µ½¡£

(8)
wpa_key_mgmt ÕâÐбíÃ÷ÁËÎÒÃÇËùʹÓõÄÃÜÔ¿¹ÜÀíЭÒé¡£ ÔÚÕâ¸öÀý×ÓÖÐÊÇ WPA-PSK¡£
(9)
wpa_pairwise ÕâÏî±íʾ£¨ÎÞÏߣ©·ÃÎʽÓÈëµãËù½ÓÊܵļÓÃÜËã·¨¡£ ÔÚÕâ¸öÀý×ÓÖУ¬TKIP(WPA) ºÍ CCMP(WPA2) ÃÜÂë¶¼»á±»½ÓÊÜ¡£ CCMP ÃÜÂëÊdzý TKIP ÍâµÄÁíÒ»ÖÖÑ¡Ôñ£¬ CCMP Ò»°ã×÷ΪÊ×Ñ¡ÃÜÂ룻 ½öÓÐÔÚ CCMP ²»Äܱ»Ê¹ÓõĻ·¾³ÖÐÑ¡Ôñ TKIP¡£

¡¡¡¡½ÓÏÂÀ´µÄÒ»²½¾ÍÊÇÔËÐÐ hostapd£º

# /etc/rc.d/hostapd forcestart
# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2290
          inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
          inet6 fe80::211:95ff:fec3:dac%ath0 prefixlen 64 scopeid 0x4
          ether 00:11:95:c3:0d:ac
          media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
          status: associated
          ssid freebsdap channel 1 bssid 00:11:95:c3:0d:ac
          authmode WPA2/802.11i privacy MIXED deftxkey 2 TKIP 2:128-bit txpowmax 36 protmode CTS dtimperiod 1 bintval 100

¡¡¡¡ÏÖÔÚ¿Í»§¶ËÄܹ»Á¬½ÓÉÏÔËÐеģ¨ÎÞÏߣ©·ÃÎʽÓÈëµãÁË£¬ ¸ü¶àϸ½Ú¿ÉÒÔ²ÎÔÄ µÚ 31.3.3.1.3 ½Ú¡£ ²é¿´ÓÐÄÄЩ¿Í»§Á¬½ÓÉÏÁË AP ¿ÉÒÔÔËÐÐÃüÁî ifconfig wlan0 list sta¡£

31.3.5.4 ʹÓà WEP µÄ£¨ÎÞÏߣ©·ÃÎʽÓÈëµã

¡¡¡¡ÎÒÃDz»ÍƼöʹÓà WEP À´ÉèÖÃÒ»¸ö£¨ÎÞÏߣ©·ÃÎʽÓÈëµã£¬ ÒòΪûÓÐÈÏÖ¤µÄ»úÖÆ²¢ÈÝÒ×±»ÆÆ½â¡£ һЩÀúÊ·ÒÅÁôϵÄÎÞÏßÍø¿¨½öÖ§³Ö WEP ×÷Ϊ°²È«Ð­Ò飬 ÕâÐ©Íø¿¨½öÔÊÐí´î½¨²»º¬ÈÏÖ¤»ò WEP ЭÒéµÄ AP¡£

¡¡¡¡ÔÚÉèÖÃÁËÕýÈ·µÄ SSID ºÍ IP µØÖ·ºó£¬ÎÞÏßÉ豸¾Í¿ÉÒÔ½øÈë hostap ģʽÁË£º

# ifconfig wlan0 create wlandev ath0 wlanmode hostap
# ifconfig wlan0 inet 192.168.0.1 netmask 255.255.255.0 \
        ssid freebsdap wepmode on weptxkey 3 wepkey 3:0x3456789012 mode 11g
  • weptxkey ±íʾ´«ÊäÖÐʹÓÃÄÄÒ»¸ö WEP ÃÜÔ¿¡£ Õâ¸öÀý×ÓÖÐÓÃÁ˵Ú3°ÑÃÜÔ¿£¨Çë×¢ÒâÃÜÔ¿µÄ±àºÅ´Ó 1¿ªÊ¼£©¡£ Õâ¸ö²ÎÊý±ØÐëÉèÖÃÒÔÓÃÀ´¼ÓÃÜÊý¾Ý¡£

  • wepkey ±íʾÉèÖÃËùʹÓÃµÄ WEP ÃÜÔ¿¡£ ËüÓ¦¸Ã·ûºÏ index:key ÕâÑùµÄ¸ñʽ¡£ Èç¹ûûÓÐÖ¸¶¨ index£¬ÄÇôĬÈÏֵΪ 1¡£ Õâ¾ÍÊÇ˵Èç¹ûÎÒÃÇʹÓÃÁ˳ýµÚÒ»°ÑÒÔÍâµÄÃÜÔ¿£¬ ÄÇô¾ÍÐèÒªÖ¸¶¨ index¡£

¡¡¡¡ÔÙʹÓÃÒ»´Î ifconfig ÃüÁî²é¿´ wlan0 ½Ó¿ÚµÄ״̬£º

# ifconfig wlan0
  wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
          ether 00:11:95:c3:0d:ac
          inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
          media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap>
          status: running
          ssid freebsdap channel 4 (2427 Mhz 11g) bssid 00:11:95:c3:0d:ac
          country US ecm authmode OPEN privacy ON deftxkey 3 wepkey 3:40-bit
          txpower 21.5 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs

¡¡¡¡ÏÖÔÚ¿ÉÒÔ´ÓÁíÍâһ̨ÎÞÏß»úÆ÷Éϳõʼ»¯Ò»´ÎɨÃèÀ´ÕÒµ½Õâ¸ö AP ÁË£º

# ifconfig wlan0 create wlandev ath0
# ifconfig wlan0 up scan
SSID            BSSID              CHAN RATE  S:N   INT CAPS
freebsdap       00:11:95:c3:0d:ac    1   54M 22:1   100 EPS

¡¡¡¡ÏÖÔÚ¿Í»§»úÄܹ»Ê¹ÓÃÕýÈ·µÄ²ÎÊý£¨ÃÜÔ¿µÈ£© ÕÒµ½²¢Á¬ÉÏ£¨ÎÞÏߣ©·ÃÎʽÓÈëµãÁË£¬ ¸ü¶àϸ½ÚÇë²ÎÔÄµÚ 31.3.3.1.4 ½Ú¡£

31.3.6 ͬʱʹÓÃÓÐÏߺÍÎÞÏßÁ¬½Ó

¡¡¡¡Ò»°ã¶øÑÔ£¬ ÓÐÏßÍøÂçµÄËٶȸü¿ì¶øÇÒ¸ü¿É¿¿£¬ ¶øÎÞÏßÍøÂçÔòÌṩ¸üºÃµÄÁé»î¼°»ú¶¯ÐÔ£¬ ʹÓñʼDZ¾µÄÓû§£¬ ÍùÍù»áÏ£Íû½áºÏÁ½ÕßµÄÓŵ㣬 ²¢Äܹ»ÔÚÁ½ÖÖÁ¬½ÓÖ®¼äÎÞ·ìÇл»¡£

¡¡¡¡ÔÚ FreeBSD ÉÏ¿ÉÒÔ½«¶à¸öÍøÂç½Ó¿ÚºÏ²¢µ½Ò»Æð£¬ ²¢ÒÔ ¡°¹ÊÕÏ×ªÒÆ¡± µÄ·½Ê½×Ô¶¯Çл»£¬ Ò²¾ÍÊÇ˵£¬ ÕâÒ»×éÍøÂç½Ó¿ÚÓÐÒ»¶¨µÄÓÅÏÈ˳Ðò£¬ ¶ø²Ù×÷ϵͳÔÚÁ´Â·×´Ì¬·¢Éú±ä»¯Ê±Ôò×Ô¶¯½øÐÐÇл»£¬ ÀýÈ統ͬʱ´æÔÚÓÐÏߺÍÎÞÏßÁ¬½ÓµÄʱºòÓÅÏÈʹÓÃÓÐÏßÍøÂ磬 ¶øµ±ÓÐÏßÍøÂç¶Ï¿ªÊ±£¬ Ôò×Ô¶¯Çл»µ½ÎÞÏßÍøÂç¡£

¡¡¡¡ÎÒÃǽ«ÔÚÉÔºóµÄ µÚ 31.6 ½Ú ÖнéÉÜÁ´Â·¾ÛºÏºÍ¹ÊÕÏ×ªÒÆ£¬ ²¢ÔÚ Àý 31-3 ÖжÔÕâÖÖÅäÖ÷½Ê½½øÐÐʾ·¶¡£

31.3.7 ¹ÊÕÏÅųý

¡¡¡¡Èç¹ûÄúÔÚʹÓÃÎÞÏßÍøÂçʱÓöµ½ÁËÂé·³£¬ ´Ë´¦ÌṩÁËһϵÁÐÓÃÒÔ°ïÖúÅųý¹ÊÕϵIJ½Öè¡£

¡¡¡¡Èç¹ûÉÏÊöÐÅϢûÄܰïÖúÄúÕÒµ½¾ßÌåµÄÎÊÌâËùÔÚ£¬ ÇëÌá½»ÎÊÌⱨ¸æ£¬ ²¢ÔÚÆäÖи½ÉÏÕâЩ¹¤¾ßµÄÊä³ö¡£

±¾ÎĵµºÍÆäËüÎĵµ¿É´ÓÕâÀïÏÂÔØ£ºftp://ftp.FreeBSD.org/pub/FreeBSD/doc/.

Èç¹û¶ÔÓÚFreeBSDÓÐÎÊÌ⣬ÇëÏÈÔĶÁÎĵµ£¬Èç²»Äܽâ¾öÔÙÁªÏµ<questions@FreeBSD.org>.
¹ØÓÚ±¾ÎĵµµÄÎÊÌâÇë·¢ÐÅÁªÏµ <doc@FreeBSD.org>.