Subject: Re: NetBSD wi0 AP and Mcintoshes?
To: David Young <dyoung@pobox.com>
From: Hauke Fath <hauke@Espresso.Rhein-Neckar.DE>
List: tech-net
Date: 08/01/2004 10:04:37
At 19:57 -0500 31.7.2004, David Young wrote:
>On Sat, Jul 31, 2004 at 09:30:32PM +0200, Hauke Fath wrote:

>> and 'tcpdump -ne -D ieee802_11 -i wi0' gives
>>
>> 21:12:38.394876 DA:9:0:7:ff:ff:ff BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
>> Data IV:3aaaa Pad 0 KeyID 0
>
>This must not be related to authentication?

Don't ask me...

>> 21:12:39.281749 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
>> Authentication (Shared Key)-1: Succesful
>> 21:12:39.320517 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
>> [|802.11]
>>
>> so there is nothing that resembles an error here. But while the above
>> tcpdump says, "Shared Key",
>
>Use a longer snap size (-s) so that I can see the non-truncated packets.

There isn't much more to tell:

[hauke@pizza] ~ # tcpdump -ne -vvv -s 256 -D ieee802_11 -i wi0
tcpdump: data link type DLT_IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: listening on wi0
09:37:48.396339 DA:9:0:7:ff:ff:ff BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
Data IV:3aaaa Pad 0 KeyID 0
09:37:51.490686 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:37:51.519447 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:37:58.399138 DA:9:0:7:ff:ff:ff BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
Data IV:3aaaa Pad 0 KeyID 0
09:38:01.860842 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:01.889589 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:38:08.392175 DA:9:0:7:ff:ff:ff BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
Data IV:3aaaa Pad 0 KeyID 0
09:38:11.219575 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:11.258330 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:38:12.391139 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:12.419902 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:38:14.566846 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:14.595605 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:38:18.395057 DA:9:0:7:ff:ff:ff BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
Data IV:3aaaa Pad 0 KeyID 0
09:38:18.660368 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:18.699133 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
^C
16 packets received by filter
0 packets dropped by kernel
[hauke@pizza] ~ #

With WEP disabled, I get a connection, and a reproducible coredump from
tcpdump, probably because the kernel has no ipv6 support:

[hauke@pizza] ~/bin # tcpdump -ne -v  -D ieee802_11 -i wi0
tcpdump: data link type DLT_IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: listening on wi0
09:42:43.800873 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62 BSSID:0:9:5b:54:f1:e5
[|llc](LLC 9400)
09:42:43.891759 BSSID:0:9:5b:54:f1:e5 TA:0:30:65:1:c6:62 Power Save-Poll
AID(c001)
09:42:43.897607 BSSID:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62 DA:8:0:20:18:76:7e
snap 0:0:0:8:0 172.16.7.7.49359 > 172.16.7.10.192: [udp sum ok] udp 4 (ttl
64, id 42349, len 32)
09:42:43.898186 DA:0:30:65:1:c6:62 BSSID:0:9:5b:54:f1:e5 SA:8:0:20:18:76:7e
snap 0:0:0:8:0 172.16.7.10 > 172.16.7.7: icmp: 172.16.7.10 udp port 192
unreachable (ttl 255, id 55262, len 56)
09:42:47.601725 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62 BSSID:0:9:5b:54:f1:e5
[|llc](LLC 0800)
09:42:47.685433 BSSID:0:9:5b:54:f1:e5 TA:0:30:65:1:c6:62 Power Save-Poll
AID(c001)
Bus error(core dumped)
[hauke@pizza] ~/bin #

(gdb) bt
#0  0x0004a5d4 in ip6_print ()
#1  0x0001f958 in ether_encap_print ()
#2  0x0002a590 in llc_print ()
#3  0x00015400 in ieee802_11_if_print ()
#4  0x100aef6c in pcap_read () from /usr/lib/libpcap.so.1
#5  0x100af64c in pcap_loop () from /usr/lib/libpcap.so.1
#6  0x00048ee8 in main ()
#7  0x0001179c in ___start ()

>> (1=OpenSys, 2=Shared Key):              [ 1 ]
>>
>> has "OpenSys" as authentication type. The related switch for wiconfig(8)
>> was present in NetBSD 1.6
>
>Right, I removed that thinking it was something else.  But that should
>not affect AP operation.

PR 19111 appears to disagree...

>I am patching up net80211 ioctls and ifconfig
>to replace the function.

Thanks for picking this up.

	hauke

--
/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
 X     No Word docs in email
/ \  Respect for open standards
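
Added example, not part of the original message or of NetBSD/tcpdump: 802.11 Shared Key authentication is a four-frame exchange (request, challenge text, encrypted response, result), and the WEP capture above only ever shows transactions 1 and 2. The script below groups such tcpdump lines into attempts per station and reports stations that never reach transaction 4; the function names are hypothetical and it assumes the line layout shown in this message.

```python
import re

# Four records copied from the capture in this message, as wrapped by the mailer.
SAMPLE = """\
09:37:51.490686 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:37:51.519447 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
09:38:01.860842 BSSID:0:9:5b:54:f1:e5 DA:0:9:5b:54:f1:e5 SA:0:30:65:1:c6:62
Authentication (Shared Key)-1: Succesful
09:38:01.889589 BSSID:0:9:5b:54:f1:e5 DA:0:30:65:1:c6:62 SA:0:9:5b:54:f1:e5
Authentication (Shared Key)-2 [Challenge Text]
"""

TS = re.compile(r"\d\d:\d\d:\d\d\.\d+ ")
ADDR = re.compile(r"\b(BSSID|DA|SA):([0-9a-f:]+)")
AUTH = re.compile(r"Authentication \(Shared Key\)-([0-9a-f]+)")

def records(text):
    """Rejoin wrapped output: each timestamped line starts a new record."""
    out = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if TS.match(line) or not out:
            out.append(line)
        else:
            out[-1] += " " + line
    return out

def handshakes(text):
    """Map station MAC -> highest auth transaction number reached per attempt."""
    attempts = {}
    for rec in records(text):
        m, addr = AUTH.search(rec), dict(ADDR.findall(rec))
        if not m or len(addr) < 3:
            continue
        seq = int(m.group(1), 16)
        # Frames sent by the AP have SA == BSSID; the station is the other end.
        sta = addr["DA"] if addr["SA"] == addr["BSSID"] else addr["SA"]
        tries = attempts.setdefault(sta, [])
        if seq == 1 or not tries:
            tries.append(seq)  # transaction 1 opens a new attempt
        else:
            tries[-1] = max(tries[-1], seq)
    return attempts

def stalled(text):
    """Stations that never reached transaction 4, the AP's final result frame."""
    return {s: t for s, t in handshakes(text).items() if max(t) < 4}
print(stalled(SAMPLE))  # {'0:30:65:1:c6:62': [2, 2]}
```

A result such as `[2, 2]` means two attempts that each ended at the AP's challenge, which is the pattern in the WEP-enabled capture.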