Hi Tom, Le Thu, 4 Jun 2015 07:26:55 -0400, Tom Tomson <nobol...@gmail.com> a écrit :
> Hi everybody, > > although I am apparently not the only one with problems like these. Still, > I have not found a solution by looking through the list - that's why I am > posting this mail. Sorry, if I should have overseen any important hint - > feel free to point me to the right direction... > > So, here is my issue: > > I have set up my (Debian based) Kali system (Linux kali 3.18.0-kali3-amd64 > #1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux) to provide a > wireless access point with hostapd (v1.0). To provide clients with IP > addresses, I am using dnsmasq (version 2.62). > > The configured SSID gets advertised and when I connect to it (e.g. with my > smartphone) the device will be briefly authenticated and immediately > deauthenticated. > > tail -f /var/log/syslog > Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: > authenticated > Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: > associated (aid 1) > Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 RADIUS: starting > accounting session 556F807A-00000000 > Jun 3 18:33:06 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: > disassociated > Jun 3 18:33:07 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11: > deauthenticated due to inactivity > > Apparently this deauthentication is due to the device not getting an IP > address via DHCP. When I look for network traffic on the wifi interface, I > will see the DHCP requests: > > # tcpdump -i wlan1 ip > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on wlan1, link-type EN10MB (Ethernet), capture size 65535 bytes > 18:33:04.694155 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request from d8:96:95:27:30:b4 (oui Unknown), length 300 > 18:33:04.694254 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request from d8:96:95:27:30:b4 (oui Unknown), length 300 > 18:33:06.172565 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request from d8:96:95:27:30:b4 (oui Unknown), length 300 > 18:33:06.172641 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, > Request from d8:96:95:27:30:b4 (oui Unknown), length 300 > > In the dnsmasq log I can see the corresponding requests: > > # tail -f /var/log/dnsmasq.log > Jun 3 17:57:59 dnsmasq[11398]: exiting on receipt of SIGTERM > Jun 3 17:58:01 dnsmasq[11511]: started, version 2.62 cachesize 150 > Jun 3 17:58:01 dnsmasq[11511]: compile time options: IPv6 GNU-getopt DBus > i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack > Jun 3 17:58:01 dnsmasq[11511]: warning: no upstream servers configured > Jun 3 17:58:01 dnsmasq-dhcp[11511]: DHCP, IP range 10.0.0.10 -- > 10.0.0.250, lease time 12h > Jun 3 17:58:01 dnsmasq[11511]: read /etc/hosts - 5 addresses > Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 available DHCP range: > 10.0.0.10 -- 10.0.0.250 > Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC > Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 available DHCP range: > 10.0.0.10 -- 10.0.0.250 > Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC > > So, the DHCP requests apparently reach the dnsmasq daemon - however this > guy is not responding in any way. But why??? > > Here is my dnsmasq config: > > # cat /etc/dnsmasq.conf > log-facility=/var/log/dnsmasq.log > interface=wlan1 > dhcp-range=10.0.0.10,10.0.0.250,12h > dhcp-option=1,255.255.255.0 > dhcp-option=3,10.0.0.1 > dhcp-option=6,10.0.0.1 > log-queries > log-dhcp What are the configurations of the wlan1 and eth0 interfaces ? > iptables is configured to forward traffic from the wifi interface to eth0, > but has no other restrictions: This does not "forward traffic from the wifi interface to eth0", this just forwards anything (policy is ACCEPT); the wlan1/eth0 specific line does nothing. Besides, what is the point of forwarding traffic from wlan1 to eth0? Either packets incoming on wlan1 all have a destination IP in the subnet where eth0 belongs, and the kernel will route them anyway, r they have a destination outside the eth0 subnet, and they should not be routed to eth0. > # iptables -L -v > Chain INPUT (policy ACCEPT 6784 packets, 9546K bytes) > pkts bytes target prot opt in out source > destination > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT all -- wlan1 eth0 anywhere > anywhere > Chain OUTPUT (policy ACCEPT 6900 packets, 923K bytes) > pkts bytes target prot opt in out source > destination > > Is there any way to get more debugging information? Or does anybody on this > list have a solution to this strange behaviour? > > Any help is greatly appreciated! > > Regards, > Tom Amicalement, -- Albert. _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss