Sunday, July 08, 2007

i4965: Two Steps Forward, One Step Back


iwl4965: with FH_INT = 0x00010000
iwl4965: REPLY_CT_KILL_CONFIG_CMD succeeded
iwl4965: REPLY_ADD_STA failed
iwl4965: no version for "release_firmware" found: kernel tainted.
iwl4965: Intel(R) Wireless WiFi Link 4965AGN driv er for Linux, 0.0.35d
iwl4965: Copyright(c) 2003-2007 Intel Corporation
iwl4965: Detected Intel Wireless WiFi Link 4965AG N
iwl4965: Radio disabled by HW RF Kill switch

So with 2.6.21.5 + iwlwifi-0.0.35 and mac80211-9.0.0 and Linux Wireless Tools v 29 (you'll need the firmware from the Intel site as well) I was able to get to able to get the hardware detected, see a few access points, associate a couple of times, and oh yeah get kernel stack traces every time I tried to get a lease. I was surprised to see the kernel honored the "kill switch" on the front of the laptop.

Oh well, I'll try again next weekend. It's back to a wide open Aironet card when running Linux (God knows why WEP isn't working with the Aironet 352 and the Truemobile running OpenWRT). If you are in the neighborhood, you can have free wifi if you spoof the 3 MACs I have in the filter list (until I get WPA working I'll adopt the bonehead OpenBSD view (I need to find a better link, but that will do) that Wireless security protocols encourage a false sense of security) but I'm sure its much easier to hop on my neighbor's Linksys. Assuming they didn't close it down. But I've got fprobe running the OpenWRT box (as simple as ipkg install fprobe, very cool!) so I'm watching you :)

# --- ---- ---- Report Information --- --- ---
#
# Fields: Total
# Symbols: Disabled
# Sorting: Descending Field 1
# Name: UDP/TCP destination port
#
# Args: flow-stat -f 5 -S1
#
#
# port flows octets packets
#
80 223 1012583 4549
123 182 21280 280
3000 132 56380 271
443 20 77666 331
2050 16 42523 239
53 16 15287 239
60321 7 20647 69
22 7 24766 307

2 comments:

Jason Meltzer said...

Hey Matt,

OpenBSD WPA, or rather 802.1X, status from reyk@ (check the link in the parent too):
http://marc.info/?l=openbsd-tech&m=118332153611789&w=2

In general, my strategy is to treat wireless clients exactly like a remote user and employ security at the network and/or transport levels. I've been running a combination of authpf and openvpn over my wireless for connecting up a couple of my Macs and it is dead simple to set up.

I am using a Soekris 4801 running OpenBSD on the AP end but I'm keeping it really simple and not mucking about with flashdist or the like anymore, I'm just doing straight forward installs to flash. ckuethe@ has been running a few score small form factor firewalls at the University of Alberta using a regular install to flash and hasn't had anything die since he started doing it over a year and a half ago, maybe two now. I'm sure openvpn will install easily on OpenWRT too...

Cheers!

Matt Franz said...

Jason,

Thanks for the update! Yep, OpenVPN rocks (I used to use that back in my small company days, cross platform, easy to admin) just been too lazy to set it up on OpenWRT.

- mdf