20080715

Quick Guide to FreeBSD hostap for FreeBSD 8

I have a need to setup an access point. Many of the discussions on the web include all kinds of extra goodies that one normally sets up with the access point. But I just needed an access point: no dhcp, bridging, etc. Here's how I did it.


Recently, some really cool stuff when into the kernel for wireless. This is the VAP stuff, or the virtual access point code. This allows freebsd to decouple the code for doing access points, and a bunch of other stuff, from the code to drive the wireless hardware. Great in concept, and quite useful with some of the advanced wireless hardware.

However, it did change the way things were configured. The handbook is now out of date. Until it can be updated, here's what I did, with some explanations about each step.

First, I needed to create an rc.conf setup for my needs. Here's the one I came up with.

devd_enable=YES
ifconfig_wlan0="inet 10.0.0.1/24"
wlans_ath0="wlan0"
create_args_wlan0="wlanmode hostap mode 11g"
hostapd_enable=YES


devd_enable turns on the devd(8) process. This process is responsible for dealing with the different device events in the system. This is the hook that we use for hot-plug insertions, which is how we configure the wireless devices.

wlans_ath0 is used to create the virtual interface wlan0 associated with ath0. This is how all the wireless stuff is setup now. You configure the basics with the wlan_IF=wlanX command, and set more specific stuff via the wlanX interface.

create_wlan0 gives the arguments with which to create the wlan interface. There are many that can only be created at wlanX creation time, and it happens that hostap is one of them. I'm not 100% sure that I need to bother with the 11g mode command or not here, but it seems to work.

ifconfig_wlan0 sets the device's IP address. In my example, I wanted the interface to have an IP address, but not be bridgable since I didn't have any other interfaces on the laptop I wanted to be the AP for the thing I'm doing.

hostapd_enable turns on the hostapd daemon. You won't get far without this, so we turn it on.

We've enabled a daemon, and now it is time to configure it. Here's the config file that I used for hostapd.conf:

interface=wlan0
hw_mode=g
macaddr_acl=0
auth_algs=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=bsdimp hacking blog


itnerface specifies which interface to use. Duh! However, this needs to be the wlan device, not the hardware device.

hw_mode sets the hardware into 802.11g. Not sure if this is needed, but it works for me.

macaddr_acl is wide open: it allows anybody to connect. As you may have noticed, this setup is very permissive. It has nothing locked down at all. It should be the first thing you do as an experiment before proceeding on to enabling WPA or WPA2 to get a reasonable level of security.

auth_algs sets which authorization algorithms can be used. See the hostapd man page for details.

ssid sets the name of the network you are serving.

The rest can be gleaned from the manual.

Chances are this post should be updated, so if you have any suggestions on how to do that, please leave then as comments.

3 comments:

Anonymous said...

Sorry, I cannot get, what exactly doing devd in that example and why it needed.
//

P. Bordjukov said...

me, too

Anonymous said...

Right below the config snipit there is an explanation of the DEVD entry.