author | Eric Jackson <ericj@cvs.openbsd.org> | 2001-04-30 15:03:02 +0000 |
---|---|---|
committer | Eric Jackson <ericj@cvs.openbsd.org> | 2001-04-30 15:03:02 +0000 |
commit | d58f01f1657515a4bae0070493f2c4f8b7c2e92c (patch) | |
tree | 98c604b4d5cccacf1af9cc2255852ff1e9611e44 /sbin | |
parent | dda766e676c140c59ccaeb0bee03465bfe028bab (diff) |
Ensure that we always close the socket, and that the default behavior
is always chosen. Clean up the documentation and add a security section
about WEP taken from FreeBSD.
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ancontrol/ancontrol.8 | 238 | ||||
-rw-r--r-- | sbin/ancontrol/ancontrol.c | 21 |
2 files changed, 140 insertions, 119 deletions
diff --git a/sbin/ancontrol/ancontrol.8 b/sbin/ancontrol/ancontrol.8 index 23d6c8cb756..1795462f8b6 100644 --- a/sbin/ancontrol/ancontrol.8 +++ b/sbin/ancontrol/ancontrol.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ancontrol.8,v 1.10 2001/04/16 06:37:39 tholo Exp $ +.\" $OpenBSD: ancontrol.8,v 1.11 2001/04/30 15:03:01 ericj Exp $ .\" .\" Copyright (c) 1997, 1998, 1999 .\" Bill Paul <wpaul@ee.columbia.edu> All rights reserved. @@ -87,7 +87,7 @@ can also be used to view the current NIC status, configuration and to dump out the values of the card's statistics counters. .Pp The -.Ar iface +.Ar interface argument given to .Nm should be the logical interface name associated with the Aironet @@ -107,6 +107,18 @@ The AP list can be modified with the .Fl a option. +.It Fl C +Display current NIC configuration. +This shows the current operation mode, +recieve mode, MAC address, power save settings, various timing settings, +channel selection, diversity, transmit power, and transmit speed. +.It Fl I +Display NIC capability information. +This shows the device type, +frequency, speed, and power level capabilities and firmware revision levels. +.It Fl K Ar "0|1|2" +Set authorization type. +Use 0 for none, 1 for "Open", 2 for "Shared Key". .It Fl N Display the SSID list. This is a list of service set IDs (i.e., network names) 
@@ -131,48 +143,11 @@ station, or become a itself. The beacon period can be anything between 20 and 976 milliseconds. The default is 100. -.It Fl I -Display NIC capability information. -This shows the device type, -frequency, speed, and power level capablities and firmware revision levels. .It Fl T Display the NIC's internal statistics counters. -.It Fl C -Display current NIC configuration. -This shows the current operation mode, -receive mode, MAC address, power save settings, various timing settings, -channel selection, diversity, transmit power, and transmit speed. -.It Fl t Ar 0|1|2|3|4 -Select transmit speed. -The available settings are as follows: -.Bd -filled -offset indent -.Bl -column "TX rate " "NIC speed " -.Em "TX rate NIC speed" -0 Auto -- NIC selects optimal speed -1 1Mbps fixed -2 2Mbps fixed -3 5.5Mbps fixed -4 11Mbps fixed -.El -.Ed -.Pp -Note that the 5.5 and 11Mbps settings are only supported on the 4800 -series adapters: the 4500 series adapters have a maximum speed of 2Mbps. -.It Fl s Ar 0|1|2|3 -Set power save mode. -Valid selections are as follows: -.Bd -filled -offset indent -.Bl -column "Selection " "Power save mode " -.Em "Selection Power save mode" -0 None - power save disabled -1 Constantly awake mode (CAM) -2 Power Save Polling (PSP) -3 Fast Power Save Polling (PSP-CAM) -.El -.Ed -.Pp -Note that for IBSS (ad-hoc) mode, only PSP mode is supported, and only -if the ATIM window is non-zero. +.It Fl W Ar "0|1|2" +Enable WEP. +Use 0 for no WEP, 1 to enable full WEP, 2 for mixed cell. .It Fl v Ar "1|2|3|4" Fl a Ar AP Set preferred access point. The 
@@ -194,6 +169,46 @@ Set the ad-hoc mode beacon period. The becon period is specified in milliseconds. The default is 100ms. +.It Fl c Ar channel +Set the radio frequency of a given interface. +The +.Ar frequency +should be specified as a channel ID as shown in the table below. +The +list of available frequencies is dependent on radio regulations specified +by regional authorities. +Recognized regulatory authorities include +the FCC (United States), ETSI (Europe), France, and Japan. +Frequencies +in the table are specified in Mhz. +.Bd -filled -offset indent +.Bl -column "Channel ID " "FCC " "ETSI " "France " "Japan " +.Em "Channel ID FCC ETSI France Japan" +1 2412 2412 - - +2 2417 2417 - - +3 2422 2422 - - +4 2427 2427 - - +5 2432 2432 - - +6 2437 2437 - - +7 2442 2442 - - +8 2447 2447 - - +9 2452 2452 - - +10 2457 2457 2457 - +11 2462 2462 2462 - +12 - 2467 2467 - +13 - 2472 2472 - +14 - - - 2484 +.El +.Ed +.Pp +If an illegal channel is specified, the +NIC will revert to its default channel. +For NICs sold in the United States +and Europe, the default channel is 3. +For NICs sold in France, the default channel is 11. +For NICs sold in Japan, the only available channel is 14. +Note that two stations must be set to the same channel in order to +communicate. .It Fl v Ar "0|1" Fl d Ar "0|1|2|3" Select the antenna diversity. Aironet devices can be configured with up 
@@ -226,6 +241,29 @@ last key programmed. The transmit key is stored in NVRAM. Currently set transmit key can be checked via .Fl C option. +.It Fl f Ar fragmentation threshold +Set the fragmentation threshold in bytes. +This threshold controls the +point at which outgoing packets will be split into multiple fragments. +If a single fragment is not sent successfully, only that fragment will +need to be retransmitted instead of the whole packet. +The fragmentation +threshold can be anything from 64 to 2312 bytes. +The default is 2312. +.It Fl h +Prints a list of available options and sample usage. +.It Fl j Ar netjoin timeout +Set the ad-hoc network join timeout. +When a station is first activated +in ad-hoc mode, it will search out a 'master' station with the desired +SSID and associate with it. +If the station is unable to locate another +station with the same SSID after a suitable timeout, it sets itself up +as the 'master' so that other stations may associate with it. +This +timeout defaults to 10000 milliseconds (10 seconds) but may be changed +with this option. +The timeout should be specified in milliseconds. .It Fl v Ar "0|1|2|3|4|5|6|7" Fl k Ar key Set a WEP key. For 40 bits, prefix 10 hex digits with 0x. 
@@ -240,24 +278,6 @@ by default. Currently set keys can be checked via .Fl C option, only the sizes of the keys are returned. -.It Fl K Ar "0|1|2" -Set authorization type. -Use 0 for none, 1 for "Open", 2 for "Shared Key". -.It Fl W Ar "0|1|2" -Enable WEP. -Use 0 for no WEP, 1 to enable full WEP, 2 for mixed cell. -.It Fl j Ar netjoin timeout -Set the ad-hoc network join timeout. -When a station is first activated -in ad-hoc mode, it will search out a 'master' station with the desired -SSID and associate with it. -If the station is unable to locate another -station with the same SSID after a suitable timeout, it sets itself up -as the 'master' so that other stations may associate with it. -This -timeout defaults to 10000 milliseconds (10 seconds) but may be changed -with this option. -The timeout should be specified in milliseconds. .It Fl l Ar station name Set the station name used internally by the NIC. The 
@@ -305,55 +325,6 @@ flag. Typical values are 1, 5, 20, 50, and 100mW. Selecting 0 sets the factory default. -.It Fl c Ar channel -Set the radio frequency of a given interface. -The -.Ar frequency -should be specified as a channel ID as shown in the table below. -The -list of available frequencies is dependent on radio regulations specified -by regional authorities. -Recognized regulatory authorities include -the FCC (United States), ETSI (Europe), France, and Japan. -Frequencies -in the table are specified in Mhz. -.Bd -filled -offset indent -.Bl -column "Channel ID " "FCC " "ETSI " "France " "Japan " -.Em "Channel ID FCC ETSI France Japan" -1 2412 2412 - - -2 2417 2417 - - -3 2422 2422 - - -4 2427 2427 - - -5 2432 2432 - - -6 2437 2437 - - -7 2442 2442 - - -8 2447 2447 - - -9 2452 2452 - - -10 2457 2457 2457 - -11 2462 2462 2462 - -12 - 2467 2467 - -13 - 2472 2472 - -14 - - - 2484 -.El -.Ed -.Pp -If an illegal channel is specified, the -NIC will revert to its default channel. -For NICs sold in the United States -and Europe, the default channel is 3. -For NICs sold in France, the default channel is 11. -For NICs sold in Japan, the only available channel is 14. -Note that two stations must be set to the same channel in order to -communicate. -.It Fl f Ar fragmentation threshold -Set the fragmentation threshold in bytes. -This threshold controls the -point at which outgoing packets will be split into multiple fragments. -If a single fragment is not sent successfully, only that fragment will -need to be retransmitted instead of the whole packet. -The fragmentation -threshold can be anything from 64 to 2312 bytes. -The default is 2312. .It Fl r Ar RTS threshold Set the RTS/CTS threshold for a given interface. This controls the 
@@ -362,9 +333,54 @@ The .Ar RTS threshold can be any value between 0 and 2312. The default is 2312. -.It Fl h -Prints a list of available options and sample usage. +.It Fl s Ar 0|1|2|3 +Set power save mode. +Valid selections are as follows: +.Bd -filled -offset indent +.Bl -column "Selection " "Power save mode " +.Em "Selection Power save mode" +0 None - power save disabled +1 Constantly awake mode (CAM) +2 Power Save Polling (PSP) +3 Fast Power Save Polling (PSP-CAM) .El +.Ed +.Pp +Note that for IBSS (ad-hoc) mode, only PSP mode is supported, and only +if the ATIM window is non-zero. +.It Fl t Ar 0|1|2|3|4 +Select transmit speed. +The available settings are as follows: +.Bd -filled -offset indent +.Bl -column "TX rate " "NIC speed " +.Em "TX rate NIC speed" +0 Auto -- NIC selects optimal speed +1 1Mbps fixed +2 2Mbps fixed +3 5.5Mbps fixed +4 11Mbps fixed +.El +.Ed +.Pp +Note that the 5.5 and 11Mbps settings are only supported on the 4800 +series adapters: the 4500 series adapters have a maximum speed of 2Mbps. +.El +.Sh SECURITY NOTES +WEP ("wired equivalent privacy") is based on the RC4 algorithm, +using a 24 bit initialization vector. +.Pp +RC4 is supposedly vulnerable to certain known plaintext attacks, +especially with 40 bit keys. +So the security of WEP in part depends on how much known plaintext +is transmitted. +.Pp +Because of this, although counter-intuitive, using "shared key" +authentication (which involves sending known plaintext) is less +secure than using "open" authentication when WEP is enabled. +.Pp +Devices may alternate among all of the configured WEP keys when +tranmitting packets. +Therefore, all configured keys (up to four) must agree. .Sh SEE ALSO .Xr an 4 , .Xr wi 4 , diff --git a/sbin/ancontrol/ancontrol.c b/sbin/ancontrol/ancontrol.c index ae877e80e05..a2aeeb3ebac 100644 --- a/sbin/ancontrol/ancontrol.c +++ b/sbin/ancontrol/ancontrol.c 
@@ -1,5 +1,7 @@ -/* $OpenBSD: ancontrol.c,v 1.14 2001/04/16 07:51:01 ericj Exp $ */ +/* $OpenBSD: ancontrol.c,v 1.15 2001/04/30 15:03:01 ericj Exp $ */ /* + * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> + * * Copyright 1997, 1998, 1999 * Bill Paul <wpaul@ee.columbia.edu>. All rights reserved. * @@ -118,15 +120,14 @@ int main __P((int, char **)); #define ACT_SET_MYNAME 29 #define ACT_SET_MAC 30 -#define ACT_DUMPCACHE 31 -#define ACT_ZEROCACHE 32 - #define ACT_ENABLE_WEP 33 #define ACT_SET_KEY_TYPE 34 #define ACT_SET_KEYS 35 #define ACT_ENABLE_TX_KEY 36 #ifdef ANCACHE +#define ACT_DUMPCACHE 31 +#define ACT_ZEROCACHE 32 #define OPTIONS "a:b:c:d:e:f:j:k:l:m:n:o:p:r:s:t:v:w:ACIK:NQST:W:Z" #else #define OPTIONS "a:b:c:d:e:f:j:k:l:m:n:o:p:r:s:t:v:w:ACIK:NST:W:" @@ -792,7 +793,7 @@ static void usage() { fprintf(stderr, - "usage: ancontrol interface [-A] [-N] [-S] [-I] [-T] [-C] [-t 0|1|2|3|4]\n" + "usage: ancontrol interface [-ACINSTh] [-t 0|1|2|3|4]\n" " [-s 0|1|2|3] [-v 1|2|3|4] [-a AP] [-b beacon period] [-v 0|1]\n" " [-d 1|2|3|4] [-e 0|1|2|3] [-j netjoin timeout] [-v 0|1|2|3|4|5|6|7[\n" " [-k key] [-K 0|1|2] [-l station name] [-m macaddress] [-v 1|2|3]\n" @@ -1306,7 +1307,7 @@ main(argc, argv) optind = 1; } } - opterr = optreset =1; + opterr = optreset = 1; /* Grab a socket to do our ioctl's */ getsock(); @@ -1363,6 +1364,7 @@ main(argc, argv) default: errx(1, "bad modifier %d", modifier); } + modifier = 0; break; case 'b': an_setconfig(ACT_SET_BEACON_PERIOD, optarg); @@ -1381,6 +1383,7 @@ main(argc, argv) default: errx(1, "must specify RX or TX diversity"); } + modifier = 0; break; case 'e': an_enable_tx_key(optarg); @@ -1388,6 +1391,9 @@ main(argc, argv) case 'f': an_setconfig(ACT_SET_FRAG_THRESH, optarg); break; + case 'h': + usage(); + break; case 'j': an_setconfig(ACT_SET_NETJOIN, optarg); break; @@ -1415,6 +1421,7 @@ main(argc, argv) default: errx(1, "bad modifier %d", modifier); } + modifier = 0; break; case 'o': an_setconfig(ACT_SET_OPMODE, optarg); 
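Review bot: The new `case 'h':` in main's option switch looks unreachable, because neither OPTIONS string shown as context in the `@@ -118,15 +120,14 @@` hunk contains `h`; assuming the getopt loop is driven by OPTIONS, `-h` is reported as an unknown option (opterr is set to 1 just above) and comes back as `?`, even though the usage text now advertises `[-ACINSTh]`. Add the letter to both definitions, e.g. `#define OPTIONS "a:b:c:d:e:f:hj:k:l:m:n:o:p:r:s:t:v:w:ACIK:NQST:W:Z"` and the same for the non-ANCACHE variant. Whether usage() returns is not visible here; if it exits, the `break` is dead and this path leaves before the socket from getsock() is closed. The unchanged usage line `[-v 0|1|2|3|4|5|6|7[` also still has a stray `[` where `]` is meant.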
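Review bot: Resetting `modifier` after the three switch statements (the `@@ -1363,6 +1364,7 @@`, `@@ -1381,6 +1383,7 @@` and `@@ -1415,6 +1421,7 @@` hunks) only covers the options whose cases appear in this diff; the man page also documents `-v 0|1|2|3|4|5|6|7 -k key`, and the `-k` case lies outside the visible hunks. If that path reads `modifier` without clearing it, the value would still carry over into whichever modifier-taking option comes next, or a second `-k` would silently reuse the earlier WEP key index, so it is worth confirming it gets the same `modifier = 0;`. A short comment at the first reset, such as `/* -v applies only to the option that follows it */`, would record the intent. The enclosing switch in main starts and ends outside these hunks.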
@@ -1464,8 +1471,6 @@ main(argc, argv) an_dumpstatus(); if (print_stat & STAT_DUMPSTATS) an_dumpstats(); - - exit(0); } /* Close our socket */ |