Friday, 27 February 2015

Nice to know

If the AP's IP address is unknown, connect an Ethernet cable from the AP to the PC and send the command:
ping -b 255.255.255.255

The AP will respond.

root@pb16lap01u:/home/priya/# ping -b 255.255.255.255
WARNING: pinging broadcast address
PING 255.255.255.255 (255.255.255.255) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_req=2 ttl=255 time=0.402 ms
64 bytes from 192.168.1.1: icmp_req=3 ttl=255 time=0.444 ms
64 bytes from 192.168.1.1: icmp_req=4 ttl=255 time=0.382 ms



DHCP setup sequence in Cisco AP:
To open command line interface: telnet <AP's IP address> 9000
ap> en
password: (generally Cisco)
ap#conf t
ap(config)#service dhcp
ap(config)#ip dhcp pool meghna
ap(dhcp-config)#network 192.168.1.0 255.255.255.0
ap(dhcp-config)#lease infinite
 



How to apply a .patch file?
patch -p1 < hostapd_2.0_xxx.patch

How to set module parameter for kernel module during load time?

modprobe wil6210 rx_ring_order=8
This can be verified in /sys/module/wil6210/parameters/rx_ring_order


4 way handshake:
----------------

How to configure PTK and GTK rekeying?
   For a 30-minute timeout, in the WLC set “Enable Session Timeout” to 1800

(or)

In hostapd.conf,
   wpa_group_rekey=600 (in seconds)
   wpa_ptk_rekey=600


> show pmk-cache all shows lifetime of the timers.

While running hostapd, if you get the error "nl80211: Could not configure driver mode", run:


sudo nmcli nm wifi off
sudo rfkill unblock wlan

Installing toolchain
--------------------
Download the toolchain:
https://launchpad.net/gcc-arm-embedded/+download
Install:
cd /dir/in/which/tar/file/is/saved && tar xjf gcc-arm-none-eabi-*-yyyymmdd-mac.tar.bz2


which arm-none-eabi-gcc
should show something like:
/home/user/Desktop/gcc-arm-none-eabi-5_4-2016q3/bin/arm-none-eabi-gcc

Friday, 23 January 2015

P2P Provisioning


The purpose of provisioning is to get the user credential (WPS PIN or PBC) for the WPS procedure. The P2P GO shall use the operating channel indicated during GO negotiation.

When a P2P Device joins an existing P2P Group that it has not stored a credential for, it shall send a Provision Discovery Request frame with a single method set in the Config Methods attribute to indicate the desire to enroll in the network.

The Provision Discovery Request frame shall be sent to the P2P Device Address of the P2P Group Owner and on the operating channel of the P2P Group.

The P2P Group Owner may use this frame as a trigger that a device wants to enroll (maybe an indication can be shown to the user). A P2P Group Owner shall respond to a received Provision Discovery Request frame with a Provision Discovery Response frame.

The Provision Discovery Request will have a single method set in the Config Methods attribute to indicate the desire to enroll in the network.

The Provision Discovery Response MAY have the same method as in the Provision Discovery Request to indicate SUCCESS, or shall be NULL to indicate failure.


Group formation bit in the P2P capability bitmap of the P2P capability attribute shall be set to 1 until provisioning succeeds.

On successful completion of provisioning, the P2P Group Owner shall set the Group Formation bit to 0.

Thursday, 22 January 2015

Opportunistic power save in P2P

Opportunistic power save allows P2P Group Owner to save power when all its associated clients are sleeping.

The P2P Power Management protocol defines an availability period, called the CTWindow (Client Traffic Window), during which a P2P Group Owner is present. P2P Clients are allowed to transmit during the CTWindow period. If at the end of the CTWindow all associated P2P Clients are sleeping, the P2P Group Owner is allowed to sleep until the next Beacon time. However, if any P2P Client stays in active mode at the end of the CTWindow, the P2P Group Owner is forced to remain awake until the next Beacon time.

The P2P Group Owner is responsible for selecting an appropriate value for
CTWindow. The CTWindow shall be an integral number of TU and shall always
be less than the beacon interval. For a P2P Group Owner that desires to be
discoverable, the CTWindow should be at least 10 TU. A CTWindow shall start
at each TBTT and extend for the chosen duration.

Opportunistic power save:
The P2P Group Owner shall indicate that Opportunistic Power Save is enabled by setting the OppPS bit to 1 in the CTWindow and OppPS Parameters field of the Notice of Absence attribute in the beacon.

With OppPS set to 1:

If at the end of the CTWindow all associated P2P Clients are sleeping, the P2P Group Owner is allowed to sleep until the next Beacon time. Here's a Null function frame with the power management bit set to 1 to indicate that the STA is going to sleep.


However, if any P2P Client stays in active mode at the end of the CTWindow the P2P Group Owner is forced to remain awake until the next Beacon time.
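
An added example, not from the original posts: a Python parser for the two P2P attributes discussed here and in the P2P Provisioning post. It reads the Group Formation bit from the P2P Capability attribute and the OppPS bit and CTWindow from the Notice of Absence attribute, then applies the CTWindow rules stated above. The attribute IDs and bit positions are taken from the Wi-Fi P2P specification, not from this page; the sample bytes and function names are constructed for the example.

```python
import struct

ATTR_P2P_CAPABILITY = 2       # Device Capability bitmap, Group Capability bitmap
ATTR_NOTICE_OF_ABSENCE = 12   # Index, CTWindow and OppPS Parameters, descriptors
GROUP_FORMATION = 0x40        # bit 6 of the Group Capability bitmap
OPP_PS = 0x80                 # bit 7 of CTWindow and OppPS Parameters
CTWINDOW_MASK = 0x7F          # bits 0-6: CTWindow in TU

# Constructed attribute bytes (P2P IE body after the OUI and OUI type).
# GO still provisioning: Group Formation = 1, OppPS = 1, CTWindow = 10 TU.
GO_PROVISIONING = bytes.fromhex("0202002541" "0c0200018a")
# Provisioning done: Group Formation = 0, OppPS = 1, CTWindow = 5 TU.
GO_OPERATIONAL = bytes.fromhex("0202002501" "0c02000285")

def parse_attributes(body):
    """Split a P2P IE body into {id: value}; each attribute is a 1-byte ID,
    a 2-byte little-endian length, then the value."""
    attrs, off = {}, 0
    while off < len(body):
        if len(body) - off < 3:
            raise ValueError("truncated attribute header")
        attr_id, length = struct.unpack_from("<BH", body, off)
        off += 3
        if length > len(body) - off:
            raise ValueError(f"attribute {attr_id} overruns the IE")
        attrs[attr_id] = body[off:off + length]
        off += length
    return attrs

def go_state(body, beacon_interval_tu=100):
    """Report the bits discussed above, plus the CTWindow rules from the text."""
    attrs, state = parse_attributes(body), {}
    cap = attrs.get(ATTR_P2P_CAPABILITY)
    if cap is not None and len(cap) == 2:
        state["group_formation"] = bool(cap[1] & GROUP_FORMATION)
    noa = attrs.get(ATTR_NOTICE_OF_ABSENCE)
    if noa is not None and len(noa) >= 2:
        ctw = noa[1] & CTWINDOW_MASK
        state["opp_ps"] = bool(noa[1] & OPP_PS)
        state["ctwindow_tu"] = ctw
        state["ctwindow_below_beacon_interval"] = ctw < beacon_interval_tu
        state["ctwindow_ok_for_discoverable_go"] = ctw >= 10
    return state

if __name__ == "__main__":
    for name, ie in (("provisioning", GO_PROVISIONING), ("operational", GO_OPERATIONAL)):
        print(name, go_state(ie))
```

A capture tool gives the same bytes as the P2P vendor-specific IE in the GO's beacon; a Group Formation bit that stays at 1 after provisioning, or a CTWindow not below the beacon interval, is worth a second look.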


Wednesday, 18 December 2013

WiFi Direct

Wi-Fi Direct builds upon the successful IEEE 802.11 infrastructure mode and lets devices negotiate who will take over the AP-like functionalities. Thus, legacy Wi-Fi devices may seamlessly connect to Wi-Fi Direct devices. By taking this decision, Wi-Fi Direct immediately inherits all the enhanced QoS, power saving, and security mechanisms.

Here's a quick guide on setting up WPS.
http://kb.linksys.com/Linksys/GetArticle.aspx?docid=e48d3bae2e7442feb53b412234d3d41f_17336.xml

In a typical Wi-Fi network, clients discover and associate to WLANs, which are created and announced by Access Points (APs). In this way, a device unambiguously behaves either as an AP or as a client, each of these roles involving a different set of functionality. A major novelty of Wi-Fi Direct is that these roles are specified as dynamic, and hence a Wi-Fi Direct device has to implement both the role of a client and the role of an AP.

The device implementing AP-like functionality in the P2P Group is referred to as the P2P Group Owner (P2P GO), and devices acting as clients are known as P2P Clients. Legacy clients can also communicate with the P2P GO, as long as they are not 802.11b-only devices and support the required security mechanisms.

For example, consider a laptop accessing the Internet through a legacy infrastructure AP while at the same time streaming content to a TV set by establishing a P2P Group, where the laptop acts as P2P GO.


If the P2P GO leaves the P2P Group then the group is torn down, and has to be re-established using some of the specified procedures.


Wi-Fi Direct devices usually start by performing a traditional Wi-Fi scan (active or passive), by means of which they can discover existing P2P Groups and Wi-Fi networks.

After this scan, a new Discovery algorithm is executed, which we describe next. First, a P2P Device selects one of the so-called Social channels, namely channels 1, 6 or 11 in the 2.4 GHz band, as its Listen channel.

Then, it alternates between two states: a search state, in which the device performs active scanning by sending Probe Requests in each of the social channels; and a listen state, in which the device listens for Probe Requests in its listen channel to respond with Probe Responses. The amount of time that a P2P Device spends on each state is randomly distributed, typically between 100 ms and 300 ms.

EAP based setup based on external registrar

Station willing to connect to AP, sends out a probe request with WPS IE, request type set to enrollee.

AP sends a Wi-Fi Simple Configuration probe response to the Registrar with Response Type set to AP.

After this, the M1 to M8 exchange occurs. The Enrollee (the station) may decide to associate to a WSC-enabled AP and initiate the registration protocol by sending message M1 to the Registrar; assuming that the Registrar is not yet prepared to enroll the candidate Enrollee, it will respond with message M2D.

M2D – this message indicates that the Registrar is unable to authenticate with the Enrollee, but it is willing to provide descriptive information about the Registrar to the Enrollee.

Phase 1:
1. The Enrollee sends its Discovery message using an 802.11 probe request. The Discovery message is broadcast by the AP to all external Registrars.
2. The AP responds to the probe request with its own Discovery data.
3. The Enrollee connects to the AP and initiates 802.1X.
4. The Enrollee's M1 message is proxied to all External Registrars as UPnP events. Each active Registrar (Internal Registrar, if enabled, and all the External Registrars that have subscribed to receive UPnP events from the AP) should send M2 or M2D.
5. The two external Registrars send M2D messages to the AP. The AP queues these up for delivery to the Enrollee.
6. The AP sequentially delivers the M2D messages to the Enrollee, which responds with ACK messages to each one. After the last M2D has been delivered without a WSC_MSG response, the AP sends EAP-Failure to terminate the 802.1X connection.


Phase 2:
1. Enter the PIN in the ER.
2. The Registrar notifies the AP when it becomes active by setting the Selected Registrar attribute to TRUE.
3. After the AP receives a SetSelectedRegistrar UPnP action with Selected Registrar TRUE, the AP incorporates the Selected Registrar flag set to TRUE in its Beacons and Probe Responses.
4. The Enrollee reconnects and restarts the 802.1X authentication. This time, the Registrar sends an M2 message rather than an M2D message.
5. The Enrollee and Registrar engage in the complete Registration Protocol until the Enrollee is provisioned with its Credential.

Monday, 16 December 2013

Out-of-Band setup

In out-of-band methods there is a transfer of information by a channel other than the Wi-Fi channel itself.

  1. Near-Field-Communication Method, in which the user simply has to bring the new client close to the access point to allow a near field communication between the devices. NFC Forum compliant RFID tags can also be used. Support of this mode is optional.
  2. USB Method, in which the user uses a USB flash drive to transfer data between the new client device and the access point of the network. Support of this mode is optional, but deprecated.

The USB method has been deprecated and is not part of the Alliance's certification testing.

Thursday, 7 November 2013

Hostapd - user space daemon for AP and authentication server

To make a hotspot on a laptop, use iwlist to check whether it has AP capability, as shown below.

Download the hostapd source code from http://hostap.epitest.fi/hostapd/. Read http://wireless.kernel.org/en/users/Documentation/hostapd for further details.
root@ramapriya:/home/ramapriya/hostapd-2.4/hostapd# cp defconfig .config
root@ramapriya:/home/ramapriya/hostapd-2.4/hostapd# make
You get two binaries after a successful make: hostapd and hostapd_cli.

Once the setup is ready, edit the hostapd.conf file in the hostapd folder.
A sample configuration is given below:


interface=wlan0
ctrl_interface=/var/run/hostapd
ssid=Shim_te_ccmp
hw_mode=g
wpa_passphrase=123456789012
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
ht_capab=[SHORT-GI-20][TX-STBC][HT40-][RX-STBC1]
channel=1
rts_threshold=2346
fragm_threshold=2346
beacon_int=100
wpa=2
ieee80211n=1
wmm_enabled=1
wpa_group_rekey=0
wps_state=1

2. Start hostapd.
./hostapd  hostapd.conf

3. Start the AP using the configuration in hostapd.conf file.
./hostapd_cli
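
An added example (not part of the original post or of hostapd): a small Python check that parses a hostapd.conf like the sample above, together with the rekey settings from the "4 way handshake" note, and lists the settings worth reviewing before the AP goes on air. The passphrase thresholds and the function names are assumptions of this example.

```python
# Constructed sample: a subset of the hostapd.conf shown in this post.
SAMPLE_CONF = """\
interface=wlan0
ssid=Shim_te_ccmp
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
wpa_passphrase=123456789012
wpa_group_rekey=0
wps_state=1
"""

def parse_conf(text):
    """Parse hostapd.conf 'key=value' lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Return (key, finding) pairs for settings a reviewer should question."""
    findings = []
    wpa = int(conf.get("wpa", "0"))
    if wpa == 0:
        findings.append(("wpa", "no WPA/WPA2 configured: open network"))
    elif wpa & 1:
        findings.append(("wpa", "WPA (version 1) is enabled; wpa=2 is RSN only"))
    ciphers = (conf.get("wpa_pairwise", "") + " " + conf.get("rsn_pairwise", "")).split()
    if "TKIP" in ciphers:
        findings.append(("wpa_pairwise", "TKIP allowed as pairwise cipher"))
    psk = conf.get("wpa_passphrase")
    # Assumed policy for this example: at least 16 characters, not digits only.
    if psk is not None and (len(psk) < 16 or psk.isdigit()):
        findings.append(("wpa_passphrase", "short or digits-only passphrase"))
    # hostapd treats a rekey interval of 0 as "periodic rekeying disabled".
    for key in ("wpa_group_rekey", "wpa_ptk_rekey"):
        if conf.get(key) == "0":
            findings.append((key, "periodic rekeying disabled"))
    # wps_state: 0 = disabled, 1 = enabled/not configured, 2 = enabled/configured.
    if conf.get("wps_state", "0") != "0":
        findings.append(("wps_state", "WPS enabled; confirm it is needed"))
    return findings

if __name__ == "__main__":
    for key, msg in audit(parse_conf(SAMPLE_CONF)):
        print(f"{key}: {msg}")
```

On the sample configuration this reports the 12-digit passphrase, wpa_group_rekey=0 and wps_state=1; setting the rekey intervals as in the earlier note (600) and wps_state=0 clears the last two.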

Possible errors:
fatal error: netlink/genl/genl.h: No such file or directory
Solution:
sudo apt-get install libnl-dev