Myth BOX
The home of guides for Myth TV, IPTables, and other linux based phenomena.
 
HD version
Preamble
Home
News
Spec
General guides
Partitioning
Installation
Firewall
Channel setup
Home automation
Product overview
Other
Useful links
SD version
Preamble
Functionality
Hardware
Software
Screenshots
Gallery
General guides
DVB Card
Myth TV
Broadband modem
Wireless network
Firewall
Network shares
Network IDS
Extra security
Streaming
Gensplash
EPIA specific guides
TV-Out cables
Audio/USB cables
Backplate
Wireless network
EPIA Kernel
Openchrome drivers
Surround sound
VPN
Online store
Prebuilt mythbox
Other
Useful links

Getting the wireless USB-pen running

The wireless pen-drive was chosen for the main box because it looks a little bit neater than the WUSB11 card. However, the driver used is totally different - read on to find out how to get it working.
  1. The kernel needs to be compiled with iptables support in, so select the following options to be compiled in:
    Device Drivers ->
        Networking device support ->
            Network device support
    Networking ->
        Networking options ->
            Network packet filtering (replaces ipchains)
            Core Netfilter Configuration ->
                Netfilter Xtables support (required for ip_tables)
                "CLASSIFY" target support
                "limit" match support
                "mac" address match support
                Multiple port match support
                "state" match support
            IP: Netfilter Configuration ->
                Connection tracking (required for masq/NAT)
                FTP protocol support
                IP tables support (required for filtering/masq/NAT)
                IP range match support
                TOS match support
                Packet filtering
                REJECT target support
                LOG target support
                Full NAT
                MASQUERADE target support
                REDIRECT target support
                Packet mangling
                TOS target support
    
    In addition to this, linux-wlan-ng-0.2.3 requires the wireless extensions to be compiled into the kernel, so select:
    Device Drivers ->
        Networking device support ->
            Wireless LAN (non-hamradio) ->
                Wireless LAN drivers (non-hamradio) & Wireless Extensions
    
    Now you will need to recompile the kernel.
  2. Add usb to your USE flags so that we get the usb prism driver compiled. To unmask the linux-wlan-ng package so that we can use it in the 2.6 kernel, add the following to /etc/portage/packages.unmask:
    =net-wireless/linux-wlan-ng-0.2.3-r2
    
    Also add the following to /etc/portage/packages.keywords:
    net-wireless/linux-wlan-ng ~x86
    net-wireless/linux-wlan-ng-modules ~x86
    net-wireless/linux-wlan-ng-utils ~x86
    net-wireless/linux-wlan-ng-firmware ~x86
    
  3. Now we need to emerge linux-wlan-ng which will install our wireless utilities, firmware, and configs, as well as the necessary kernel modules for our current kernel. This means that whenever you upgrade your kernel, you will need to re-emerge these modules. Issue the following command:
    emerge linux-wlan-ng
    
  4. Edit /etc/modules.autoload.d/kernel-2.6 and add to the end the wireless module for our USB adaptor which is prism2_usb. You can verify that the adaptor has started correctly by checking /var/log/messages. Use modprobe to load the driver into memory now (rather than waiting until we restart).
  5. Edit /etc/conf.d/wlan.conf and ensure that it is changed appropriately, including your network name where necessary.
  6. Copy /etc/conf.d/wlancfg-DEFAULT to /etc/conf.d/wlancfg-<your_network_name>. Set the first keys to true to carry out encryption using index 0.
  7. Ignore the key generation section - this uses a different algorithm to that used in Windows and the atmel driver.
  8. Do an iwconfig on a client machine and copy the encryption key to the dot11WEPDefaultKey0 attribute. Comment out the others.
  9. Select ad-hoc mode, with open authentication.
  10. Select channel 11 for compatibility with Windows.
  11. Now to fix a problem with this driver. In /etc/wlan/shared, search for # Enable the interface. Below this line add:
    $WLANCTL $1 lnxreq_ifstate ifstate=disable
    
    This will disable the card first, allowing it to work. Save and close.
  12. Now configure the network interface to have an IP address. Give the command: ifconfig wlan0 192.168.0.<IP>, picking an IP of your choice.
  13. At this point, it is advisable to set up a second machine to act as a client (if you haven't done already). On the client machine, follow the networking steps thus far, but also route internet traffic to the box using: route add default gw 192.168.0.<IP>.
  14. Now to make the client resolve hostnames through the box. To do this, edit the /etc/resolv.conf file and add the following line:
    nameserver 192.168.0.<IP>
  15. Back to the box/server machine, we now need to make it deal with any name resolution requests, and for this we use the package dnsmasq. So emerge dnsmasq.
  16. Edit /etc/conf.d/dnsmasq, and change DNSMASQ_OPTS to be the following:
    DNSMASQ_OPTS="-i wlan0 -r /etc/ppp/resolv.conf"
  17. Now make dnsmasq start on bootup using: rc-update add dnsmasq default. Start it for now using: /etc/init.d/dnsmasq start. To test that the requests are getting through, on the client machine ping a website. You can then see if the name is getting resolved (but you still won't get a response yet). You should also be able to ping the server now.
  18. Now to setup the nat program up, along with the firewall. The package iptables does both of these tasks, so emerge iptables.
  19. To configure the firewall and packet forwarding, issue the following commands at the terminal (comments beginning with # are for reference only):
    # Flush the standard firewall rules
    iptables -F
    
    # Flush the nat rules
    iptables -t nat -F
    
    # Flush the mangle rules
    iptables -t mangle -F
    
    # Append to the nat table, a rule to masquerade packets heading to the internet
    iptables -t nat -A POSTROUTING -i wlan0 -o ppp0 -j MASQUERADE
    
  20. Now save the configuration using: /etc/init.d/iptables save
  21. Turn on IP forwarding by editing /etc/sysct1.conf and add:
    net.ipv4.ip_forward = 1
    net.ipv4.conf.default.rp_filter = 1
    
    Also edit /etc/conf.d/local.start and add:
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo "1" > /proc/sys/net/ipv4/conf/all/forwarding
    
  22. Start iptables using: /etc/init.d/iptables start, and make iptables load on boot using: rc-update add iptables default
  23. You should now be able to access the internet through the clients machine. If you can't, revisit the previous steps now before going any further.
  24. Now to make the wireless network start upon boot. Copy /etc/init.d/net.lo to /etc/init.d/net.wlan0. Edit this new file so that it contains the following:
    depend() {
            need wlan
    }
    
    start() {
            ebegin "Bringing ${IFACE} up"
            /sbin/ifconfig wlan0 192.168.0.<IP> netmask 255.255.255.0 broadcast 192.168.0.255  >/dev/null
            eend 0
    }
    
    stop() {
            ebegin "Bringing ${IFACE} down"
            /sbin/ifconfig ${IFACE} down &>/dev/null
            eend 0
    }
    
    
    Obviously we should keep the Gentoo copyright notice at the top :)
  25. Execute the following commands to make the network start on boot:
    rc-update add wlan0 default
    rc-update add net.wlan0 default
    
  26. Edit the /etc/hosts file and add any hosts on your network in the format:
    IP Boxname
    

Troubleshooting:
  • The output when I load the prism2_usb module says that there has been an error loading the firmware!
    I don't have an answer for this one. All I know it that it works regardless. Perhaps it is because the firmware is generic and needs to load into different places for different cards.