Myth BOX
The home of guides for Myth TV, IPTables, and other linux based phenomena. 		 
HD version
Preamble
Home
News
Spec
General guides
Partitioning
Installation
Firewall
Channel setup
Home automation
Product overview
Other
Useful links
SD version
Preamble
Functionality
Hardware
Software
Screenshots
Gallery
General guides
DVB Card
Myth TV
Broadband modem
Wireless network
Firewall
Network shares
Network IDS
Extra security
Streaming
Gensplash
EPIA specific guides
TV-Out cables
Audio/USB cables
Backplate
Wireless network
EPIA Kernel
Openchrome drivers
Surround sound
VPN
Online store
Prebuilt mythbox
Other
Useful links

Getting a basic wireless network running

  1. The kernel needs to be compiled with iptables support in, so select the following options to be compiled in: 
    Device Drivers ->
    Networking device support ->
        Network device support
Networking ->
    Networking options ->
        Network packet filtering (replaces ipchains)
        Core Netfilter Configuration ->
            Netfilter Xtables support (required for ip_tables)
            "CLASSIFY" target support
            "limit" match support
            "mac" address match support
            Multiple port match support
            "state" match support
        IP: Netfilter Configuration ->
            Connection tracking (required for masq/NAT)
            FTP protocol support
            IP tables support (required for filtering/masq/NAT)
            IP range match support
            TOS match support
            Packet filtering
            REJECT target support
            LOG target support
            Full NAT
            MASQUERADE target support
            REDIRECT target support
            Packet mangling
            TOS target support
    There may be others selected for compilation which shouldn't be a problem. Now recompile the kernel.
  2. Now to enable us to download the at76c503a package edit /etc/portage/package.unmask and add:
    >=net-wireless/atmel-firmware-1.3
>=net-wireless/at76c503a-0.12
    Also edit /etc/portage/package.keywords and add: 
    net-wireless/atmel-firmware ~x86
net-wireless/at76c503a ~x86
  3. Ensure that you have usb in your USE flags.
  4. Get the latest version of the BerliOS Atmel driver by executing emerge at76c503a.
  5. Edit /etc/modules.autoload.d/kernel-2.6 and add to the end the wireless module for our USB adaptor which is at76c505_rfmd2958. You can verify that the adaptor has started correctly by checking /var/log/messages. Use modprobe to load the driver into memory now (rather than waiting until we restart).
  6. Ensure that you have the wireless tools installed by doing an emerge wireless-tools.
  7. Issue the following command: iwconfig wlan0 mode Ad-hoc essid <NETWORK_NAME>, substituting in the name you would like to call the network. This will configure the wireless card.
  8. Now configure the network interface to have an IP address. Give the command: ifconfig wlan0 192.168.0.<IP>, picking an IP of your choice.
  9. At this point, it is advisable to set up a second machine to act as a client - convince a housemate, thats what I did :)
    On the client machine, follow the networking steps thus far, but also route internet traffic to the box using: route add default gw 192.168.0.<IP>.
  10. Now to make the client resolve hostnames through the box. To do this, edit the /etc/resolv.conf file and add the following line:
    nameserver 192.168.0.<IP>
  11. Back to the box/server machine, we now need to make it deal with any name resolution requests, and for this we use the package dnsmasq. So emerge dnsmasq.
  12. Edit /etc/conf.d/dnsmasq, and change DNSMASQ_OPTS to be the following:
    DNSMASQ_OPTS="-i wlan0 -r /etc/ppp/resolv.conf"
  13. Now make dnsmasq start on bootup using: rc-update add dnsmasq default. Start it for now using: /etc/init.d/dnsmasq start. To test that the requests are getting through, on the client machine ping a website. You can then see if the name is getting resolved (but you still won't get a response yet). You should also be able to ping the server now.
  14. Now to setup the nat program up, along with the firewall. The package iptables does both of these tasks, so emerge iptables.
  15. To configure the firewall and packet forwarding, issue the following commands at the terminal (comments beginning with # are for reference only):
    # Flush the standard firewall rules
iptables -F

# Flush the nat rules
iptables -t nat -F

# Flush the mangle rules
iptables -t mangle -F

# Append to the nat table, a rule to masquerade packets heading to the internet
iptables -t nat -A POSTROUTING -i wlan0 -o ppp0 -j MASQUERADE
  16. Now save the configuration using: /etc/init.d/iptables save
  17. Turn on IP forwarding by editing /etc/sysct1.conf and add:
    net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
    Also edit /etc/conf.d/local.start and add:
    echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/all/forwarding
  18. Start iptables using: /etc/init.d/iptables start, and make iptables load on boot using: rc-update add iptables default
  19. You should now be able to access the internet through the clients machine. If you can't, revisit the previous steps now before going any further.
  20. Now to make the wireless network start upon boot, we need to ensure that we have an up-to-date baselayout (i.e. >=1.11.0) and sysvinit (i.e. >=2.85-r1). emerge baselayout sysvinit if your packages are older. If you have wireless-config installed, unmerge it, and remove the wireless.sh file.
  21. Now we need to run etc-update. Do so, but ensure that you edit the configuration files when prompted, otherwise they will be overwritten. This may seem laborious, but is better than gnome not booting and having to add to all of the config files again [like I had to :( ].
  22. Copy /etc/conf.d/net.example to /etc/conf.d/net and uncomment the ifconfig statement. Change it to your IP and replace eth0 with wlan0. Then save the file and make a symbolic link to it from /etc/conf.d/net.wlan0 for good measure.
  23. Copy /etc/conf.d/wireless.example to /etc/conf.d/wireless. Uncomment and edit your essid and mode (to be as above) and also pick a channel number. I'd recommend channel 11 if you are using windows (as this is the channel used by default for our card). Again, replace eth0 on these lines with wlan0.
  24. Create a symbolic link from /etc/init.d/net.lo to /etc/init.d/net.wlan0. Try and bring the network up with /etc/init.d/net.wlan start. If it works then bingo! Make it starts at boot with: rc-update add net.wlan default.
  25. Edit the /etc/hosts file and add any hosts on your network in the format:
    IP Boxname
  26. Comment out the CONSOLEFONT statement in /etc/rc.conf if you have it. This prevents an error from appearing on my system, setting the console font to be default as before.
  27. If the network is working thus far, the next thing to do is to enable WEP. Edit /etc/conf.d/wireless, then uncomment and edit the line in there to be:
    key_<your_essid>="s:<your_password> enc open"
    This will use WEP encryption in open mode which is considered by some to be more secure that restricted.

Troubleshooting:
  • The wireless module doesn't seem to load and claims to be missing!
    Ensure that whenever you recompile the kernel that you recompile and install the berliOS driver using: make, and make install.
  • I get an error saying no interface module has been loaded when starting the wireless card!
    This may be caused by sort being in a different location to where it is being searched for. Do an ls /usr/bin/sort and ls /bin/sort. If only one exists then create a symbolic link from one to the other and try again.