#!/bin/bash # # Original File # ------------- # http://www.Linux-Sec.net/Wireless/Install-HowTo/madwifi.txt # http://www.Linux-Sec.net/Wireless/Install-HowTo/NetGear.WG311.config # http://www.Linux-Sec.net/Wireless/Install-HowTo/NetGear.WG311.Install.sh ( this file ) # # # 10-Dec-03 amo Install Wireless PCI card ( Netgear WQG311 -- 802.11g ) # 19-Dec-03 amo Allow for 2.6.0 vs 2.4.23 kernels # 02-Jan-04 amo Added slackware/redhat switch # 04-Jan-04 amo Converted to stop|start format, iwconfig, iwpriv commands # 18-Apr-04 amo Renamed wl.install.sh to NetGear.WG311.Install.txt # 19-Apr-04 amo Install latest iwconfig ( beta27 ) # 20-Apr-04 amo Separate out the commands # 21-Apr-04 amo Separate out Wireless Config Variables # 26-Apr-04 amo Added "AP" w/ simple firewall ( masquerade ) # 05-May-04 amo Added Rate, Mode # # # ================================ # Wireless Insstall Scripts for: # NetGear WG311 # ( uses the madwifi driver ) # ================================ # - figure out if you're using linux-2.4 or linux-2.6 kernels # - figure out which linux distribution you're using # - Configure and Change your IP# for your wireless devices # # ----------------------------------------------- # Define the Wireless Network in the config file # ----------------------------------------------- # source ./NetGear.WG311.config # ----------------------------- # # # Which Linux Kernel are we using # =============================== # if [ `uname -r` = "2.6.0" ]; then # # drivers for NetGear WG311 under linux-2.6.x # WLAN="/lib/modules/`uname -r`/net/wlan.ko" HAL="/lib/modules/`uname -r`/net/ath_hal.ko" PCI="/lib/modules/`uname -r`/net/ath_pci.ko" # else # # drivers for NetGear WG311 under linux-2.4.x # WLAN="/lib/modules/`uname -r`/net/wlan.o" HAL="/lib/modules/`uname -r`/net/ath_hal.o" PCI="/lib/modules/`uname -r`/net/ath_pci.o" # fi # # # =========================================================== # # You should NOT have to change anything below where # # =========================================================== # # # # First stop the network # ----------------------- # stop () { # # Turn off the WiFi card # # if [ -f /etc/redhat-release ]; then cmd="/etc/rc.d/init.d/network stop" fi # if [ -f /etc/slackware-version ]; then cmd="ifconfig $INTERFACE down" fi # echo "" echo "Stopping Wireless: ${INTERFACE}:" echo " $cmd" $cmd echo "" # # unloading the modules seems to hang the system # } # stop # # # # Load the wireless modules and add the wireless routes # ----------------------------------------------------- # start() { # # Turn on the WiFi card # echo "" echo " Start Wireless: ${INTERFACE}:" echo "" # # Add the wireless drivers # ------------------------ insmod $WLAN # insmod $HAL # insmod $PCI # # # # For Redhat Machines # -------------------- # if [ -f /etc/redhat-release ]; then # /etc/rc.d/init.d/network start # route add -net $NETWORK gw $GATEWAY netmask $NETMASK $INTERFACE # fi # # # For Slackare machines - explicitly run the commands # if [ -f /etc/slackware-version ]; then # # take it down than redefine it # ifconfig $INTERFACE down # # # to Set the card to 54Mbps # ------------------------- # 3 = 802.11G # 2 = 802.11B # 1 = 802.11A # # echo "" #ocmd "ifconfig $INTERFACE up" docmd "ifconfig ${INTERFACE} ${IPADDR} broadcast ${BROADCAST} netmask ${NETMASK} up" docmd "sleep 5" # echo "" case $MODEGBA in 3 ) echo "# Configure $INTERFACE for 802.11G" ;; 2 ) echo "# Configure $INTERFACE for 802.11B" ;; 1 ) echo "# Configure $INTERFACE for 802.11A" ;; esac docmd " iwpriv ath0 mode $MODEGBA" echo "" # echo "" docmd "iwconfig $INTERFACE nick $NICK" docmd "iwconfig $INTERFACE essid $ESSID" docmd "iwconfig $INTERFACE channel $CHANNEL" docmd "iwconfig $INTERFACE rate $RATE" #ocmd "iwconfig $INTERFACE ap $AP" #ocmd "iwconfig $INTERFACE mode $MODE" echo "" # # For Example key configurations # ------------------------------ # Commands.iwconfig.key.txt # docmd "iwconfig $INTERFACE key open" #ocmd "iwconfig $INTERFACE key $KEY1" #ocmd "iwconfig $INTERFACE key $KEY2" #ocmd "iwconfig $INTERFACE key $KEY3" #ocmd "iwconfig $INTERFACE key $KEY4" # echo "" # # # docmd "route add -net $NETWORK netmask $NETMASK gw $GATEWAY " # echo "# Allow only this one host into the network" docmd "route add -host 192.168.1.12 netmask 0.0.0.0 gw $GATEWAY " docmd "route add -host 192.168.1.13 netmask 0.0.0.0 gw $GATEWAY " echo "" # echo "ifconfig -v ; route -nv ; iwconfig $INTERFACE ; iwlist scan " echo "" # # # Check if we are a Gateway for the Wireless subnet # if [ "$MODE" = "Master" ]; then echo "#" echo "# Now Configure the AccessPoint for the Wireless network ( $INTERFACE )" echo "# $0 ap " echo "#" else # # for wireless clients # if [ ` ifconfig -v | grep ^eth0 | wc -l ` = 0 ]; then echo "#" echo "# Making your Wireless Gateway ( $GATEWAY ) the default route " docmd " route add default gw $GATEWAY" echo "#" else echo "#" echo "# you have one or more routes, i don't know which is your gateway out" echo "#" fi fi echo "" # fi # } # start # # # Load the wireless modules and add the wireless routes # ----------------------------------------------------- # # http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html # ap() { # HOST=`hostname -s` # echo "" echo "# Make this host ( $HOST ) the AccessPoint for ${INTERFACE}:" # docmd " iwconfig $INTERFACE mode Master" echo "" # # echo "# Turn on packet forwarding" # echo " echo 1 > /proc/sys/net/ipv4/ip_forward" echo 1 > /proc/sys/net/ipv4/ip_forward echo "" # # # http://www.e-infomax.com/ipmasq/ # echo "# Install a minimal firewall/gateway" #cho " # rc.firewall-2.2 ( ipchains ) " echo " # rc.firewall-2.4 ( iptables ) " echo "" # # # --------------------------------------------------- # # IPCHAINS="ipchains" # # docmd " $IPCHAINS -A forward -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASK" # docmd " $IPCHAINS -P forward DENY" # # --------------------------------------------------- # IPTABLES="iptables" EXTIF="eth0" INTIF="ath0" # echo "# 7-commands to Clear the IPTables first" $IPTABLES -P INPUT ACCEPT $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P FORWARD DROP $IPTABLES -F FORWARD $IPTABLES -t nat -F echo "" # # # # ToDo: # Change to allow only specific 192.168.x.y ip# only # echo "# FWD: Allow all connections OUT and only existing and related ones IN" docmd " $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT" docmd " $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT" docmd " $IPTABLES -A FORWARD -j LOG" echo "" # echo "# Enabling SNAT (MASQUERADE) functionality on $EXTIF" #ocmd " $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE" # iptables: No chain/target/match by that name # # this works for the wireless box to get outside docmd " $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to 1.2.3.13" # # # try to allow only 192.168.1.12 connectivity in or out # ------------------------------------------------------- #ocmd " $IPTABLES -t nat -A POSTROUTING -s 192.168.1.12 -o $EXTIF -j SNAT --to 1.2.3.13" echo "" # echo "# Check the rules:" docmd " $IPTABLES -L" echo "" # # } # ap # # # Show the Command and Execute it # docmd() { cmd=$1 # echo "$cmd" $cmd # } # docmd # # # # What Operation to Perform # ------------------------- # case "$1" in # "ap") ap # ;; "start") start # # $0 status ;; # "stop") stop ;; # "status") # echo "" echo "lsmod" lsmod # ifconfig -v ; route -nv ; iwconfig ; ping -c 3 $IPADDR # ;; *) echo "" echo "Usage: $0 < stop|start|status|AP >" echo "" exit 1 esac # # # End of file