Hello Chris, You can open two ssh connection, on the first one try to brin you SSIds up and the other one do: logged -f and you will see why it’s not working correctly.
Thanks, Ludovic Zammit [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > Le 2015-06-04 à 11:19, Chris Abel <[email protected]> a écrit : > > No, this one seems to make it worse. Cannot start wireless even with only one > SSID. Anything else I can try or any other information I should provide to > you? > > On Wed, Jun 3, 2015 at 11:07 AM, Ludovic Zammit <[email protected] > <mailto:[email protected]>> wrote: > Hello Chris, > > Try this hostapd.sh file, I removed the part that you don’t need for the open > ssid. > > > > > Thanks, > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 > <tel:%2B1.514.447.4918> (x145) :: www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > >> Le 2015-06-02 à 13:08, Chris Abel <[email protected] >> <mailto:[email protected]>> a écrit : >> >> Sure. Here it is: >> >> case "$auth_type" in >> none) >> wps_possible=1 >> # Here we make the assumption that if we're in open mode >> # with WPS enabled, we got to be in unconfigured state. >> wps_not_configured=1 >> json_get_vars \ >> auth_server auth_secret auth_port \ >> acct_server acct_secret acct_port \ >> dae_client dae_secret dae_port \ >> nasid iapp_interface dynamic_vlan \ >> vlan_naming vlan_tagged_interface \ >> vlan_bridge >> # legacy compatibility >> [ -n "$auth_server" ] || json_get_var auth_server server >> [ -n "$auth_port" ] || json_get_var auth_port port >> [ -n "$auth_secret" ] || json_get_var auth_secret key >> >> set_default auth_port 1812 >> set_default acct_port 1813 >> >> set_default vlan_naming 0 >> >> append bss_conf "auth_server_addr=$auth_server" "$N" >> append bss_conf "auth_server_port=$auth_port" "$N" >> append bss_conf >> "auth_server_shared_secret=$auth_secret" "$N" >> append bss_conf "vlan_file=/etc/config/hostapd.vlan" >> "$N" >> #Mac authentication >> append bss_conf "macaddr_acl=2" "$N" >> [ -n "$acct_server" ] && { >> append bss_conf "acct_server_addr=$acct_server" >> "$N" >> append bss_conf "acct_server_port=$acct_port" >> "$N" >> [ -n "$acct_secret" ] && \ >> append bss_conf >> "acct_server_shared_secret=$acct_secret" "$N" >> } >> [ -n "$dae_client" -a -n "$dae_secret" ] && { >> append bss_conf "radius_das_port=$dae_port" "$N" >> append bss_conf "radius_das_client=$dae_client >> $dae_secret" "$N" >> } >> >> append bss_conf "nas_identifier=$nasid" "$N" >> [ -n "$dynamic_vlan" ] && { >> append bss_conf "dynamic_vlan=$dynamic_vlan" >> "$N" >> append bss_conf "vlan_naming=$vlan_naming" "$N" >> [ -n "$vlan_bridge" ] && \ >> append bss_conf >> "vlan_bridge=$vlan_bridge" "$N" >> [ -n "$vlan_tagged_interface" ] && \ >> append bss_conf >> "vlan_tagged_interface=$vlan_tagged_interface" "$N" >> } >> ;; >> psk) >> json_get_vars key >> if [ ${#key} -lt 8 ]; then >> wireless_setup_vif_failed INVALID_WPA_PSK >> return 1 >> elif [ ${#key} -eq 64 ]; then >> append bss_conf "wpa_psk=$key" "$N" >> else >> append bss_conf "wpa_passphrase=$key" "$N" >> json_get_vars \ >> auth_server auth_secret auth_port \ >> acct_server acct_secret acct_port \ >> dae_client dae_secret dae_port \ >> nasid iapp_interface dynamic_vlan \ >> vlan_tagged_interface >> # legacy compatibility >> [ -n "$auth_server" ] || json_get_var auth_server server >> [ -n "$auth_port" ] || json_get_var auth_port port >> [ -n "$auth_secret" ] || json_get_var auth_secret key >> >> set_default auth_port 1812 >> set_default acct_port 1813 >> >> set_default vlan_naming 0 >> >> append bss_conf "auth_server_addr=$auth_server" "$N" >> append bss_conf "auth_server_port=$auth_port" "$N" >> append bss_conf >> "auth_server_shared_secret=$auth_secret" "$N" >> append bss_conf "vlan_file=/etc/config/hostapd.vlan" >> "$N" >> #Mac authentication >> append bss_conf "macaddr_acl=2" "$N" >> [ -n "$acct_server" ] && { >> append bss_conf "acct_server_addr=$acct_server" >> "$N" >> append bss_conf "acct_server_port=$acct_port" >> "$N" >> [ -n "$acct_secret" ] && \ >> append bss_conf >> "acct_server_shared_secret=$acct_secret" "$N" >> } >> [ -n "$dae_client" -a -n "$dae_secret" ] && { >> append bss_conf "radius_das_port=$dae_port" "$N" >> append bss_conf "radius_das_client=$dae_client >> $dae_secret" "$N" >> } >> >> append bss_conf "nas_identifier=$nasid" "$N" >> [ -n "$dynamic_vlan" ] && { >> append bss_conf "dynamic_vlan=$dynamic_vlan" >> "$N" >> append bss_conf "vlan_naming=$vlan_naming" "$N" >> [ -n "$vlan_tagged_interface" ] && \ >> append bss_conf >> "vlan_tagged_interface=$vlan_tagged_interface" "$N" >> } >> >> fi >> wps_possible=1 >> ;; >> eap) >> json_get_vars \ >> auth_server auth_secret auth_port \ >> acct_server acct_secret acct_port \ >> dae_client dae_secret dae_port \ >> nasid iapp_interface ownip \ >> eap_reauth_period dynamic_vlan \ >> vlan_tagged_interface >> >> # legacy compatibility >> [ -n "$auth_server" ] || json_get_var auth_server server >> [ -n "$auth_port" ] || json_get_var auth_port port >> [ -n "$auth_secret" ] || json_get_var auth_secret key >> >> set_default auth_port 1812 >> set_default acct_port 1813 >> set_default dae_port 3799 >> >> set_default vlan_naming 0 >> >> append bss_conf "auth_server_addr=$auth_server" "$N" >> append bss_conf "auth_server_port=$auth_port" "$N" >> append bss_conf >> "auth_server_shared_secret=$auth_secret" "$N" >> append bss_conf "vlan_file=/etc/config/hostapd.vlan" >> "$N" >> >> [ -n "$acct_server" ] && { >> append bss_conf "acct_server_addr=$acct_server" >> "$N" >> append bss_conf "acct_server_port=$acct_port" >> "$N" >> [ -n "$acct_secret" ] && \ >> append bss_conf >> "acct_server_shared_secret=$acct_secret" "$N" >> } >> >> [ -n "$eap_reauth_period" ] && append bss_conf >> "eap_reauth_period=$eap_reauth_period" "$N" >> >> [ -n "$dae_client" -a -n "$dae_secret" ] && { >> append bss_conf "radius_das_port=$dae_port" "$N" >> append bss_conf "radius_das_client=$dae_client >> $dae_secret" "$N" >> } >> >> append bss_conf "nas_identifier=$nasid" "$N" >> [ -n "$ownip" ] && append bss_conf "own_ip_addr=$ownip" >> "$N" >> append bss_conf "eapol_key_index_workaround=1" "$N" >> append bss_conf "ieee8021x=1" "$N" >> append bss_conf "wpa_key_mgmt=WPA-EAP" "$N" >> >> [ -n "$dynamic_vlan" ] && { >> append bss_conf "dynamic_vlan=$dynamic_vlan" >> "$N" >> append bss_conf "vlan_naming=$vlan_naming" "$N" >> [ -n "$vlan_tagged_interface" ] && \ >> append bss_conf >> "vlan_tagged_interface=$vlan_tagged_interface" "$N" >> } >> ;; >> wep) >> local wep_keyidx=0 >> json_get_vars key >> hostapd_append_wep_key bss_conf >> append bss_conf "wep_default_key=$wep_keyidx" "$N" >> [ -n "$wep_rekey" ] && append bss_conf >> "wep_rekey_period=$wep_rekey" "$N" >> ;; >> >> >> I have also attached the hostapd.sh file I am using. >> >> On Tue, Jun 2, 2015 at 12:43 PM, Ludovic Zammit <[email protected] >> <mailto:[email protected]>> wrote: >> Chris, >> >> Can you post the ‘none’ section that you have in the /lib/netifd/hostapd.sh >> >> Is it similar to this : >> >> >> none) >> wps_possible=1 >> # Here we make the assumption that if we're in open mode >> # with WPS enabled, we got to be in unconfigured state. >> wps_not_configured=1 >> json_get_vars \ >> auth_server auth_secret auth_port \ >> acct_server acct_secret acct_port \ >> dae_client dae_secret dae_port \ >> nasid iapp_interface dynamic_vlan \ >> vlan_tagged_interface >> # legacy compatibility >> [ -n "$auth_server" ] || json_get_var auth_server server >> [ -n "$auth_port" ] || json_get_var auth_port port >> [ -n "$auth_secret" ] || json_get_var auth_secret key >> >> set_default auth_port 1812 >> set_default acct_port 1813 >> >> set_default vlan_naming 1 >> >> append bss_conf "auth_server_addr=$auth_server" "$N" >> append bss_conf "auth_server_port=$auth_port" "$N" >> append bss_conf >> "auth_server_shared_secret=$auth_secret" "$N" >> append bss_conf "vlan_file=/etc/config/hostapd.vlan" >> "$N" >> # Mac authentication >> append bss_conf "macaddr_acl=2" "$N" >> [ -n "$acct_server" ] && { >> append bss_conf "acct_server_addr=$acct_server" >> "$N" >> append bss_conf "acct_server_port=$acct_port" >> "$N" >> [ -n "$acct_secret" ] && \ >> append bss_conf >> "acct_server_shared_secret=$acct_secret" "$N" >> } >> [ -n "$dae_client" -a -n "$dae_secret" ] && { >> append bss_conf "radius_das_port=$dae_port" "$N" >> append bss_conf "radius_das_client=$dae_client >> $dae_secret" "$N" >> } >> >> append bss_conf "nas_identifier=$nasid" "$N" >> [ -n "$dynamic_vlan" ] && { >> append bss_conf "dynamic_vlan=$dynamic_vlan" >> "$N" >> append bss_conf "vlan_naming=$vlan_naming" "$N" >> [ -n "$vlan_tagged_interface" ] && \ >> append bss_conf >> "vlan_tagged_interface=$vlan_tagged_interface" "$N" >> } >> ;; >> psk) >> json_get_vars key >> if [ ${#key} -lt 8 ]; then >> wireless_setup_vif_failed INVALID_WPA_PSK >> return 1 >> elif [ ${#key} -eq 64 ]; then >> append bss_conf "wpa_psk=$key" "$N" >> else >> append bss_conf "wpa_passphrase=$key" "$N" >> json_get_vars \ >> auth_server auth_secret auth_port \ >> acct_server acct_secret acct_port \ >> dae_client dae_secret dae_port \ >> nasid iapp_interface dynamic_vlan \ >> vlan_tagged_interface >> # legacy compatibility >> [ -n "$auth_server" ] || json_get_var auth_server server >> [ -n "$auth_port" ] || json_get_var auth_port port >> [ -n "$auth_secret" ] || json_get_var auth_secret key >> >> set_default auth_port 1812 >> set_default acct_port 1813 >> >> set_default vlan_naming 1 >> >> append bss_conf "auth_server_addr=$auth_server" "$N" >> append bss_conf "auth_server_port=$auth_port" "$N" >> append bss_conf >> "auth_server_shared_secret=$auth_secret" "$N" >> append bss_conf "vlan_file=/etc/config/hostapd.vlan" >> "$N" >> # Mac authentication >> append bss_conf "macaddr_acl=2" "$N" >> [ -n "$acct_server" ] && { >> append bss_conf "acct_server_addr=$acct_server" >> "$N" >> append bss_conf "acct_server_port=$acct_port" >> "$N" >> [ -n "$acct_secret" ] && \ >> append bss_conf >> "acct_server_shared_secret=$acct_secret" "$N" >> } >> [ -n "$dae_client" -a -n "$dae_secret" ] && { >> append bss_conf "radius_das_port=$dae_port" "$N" >> append bss_conf "radius_das_client=$dae_client >> $dae_secret" "$N" >> } >> >> append bss_conf "nas_identifier=$nasid" "$N" >> [ -n "$dynamic_vlan" ] && { >> append bss_conf "dynamic_vlan=$dynamic_vlan" >> "$N" >> append bss_conf "vlan_naming=$vlan_naming" "$N" >> [ -n "$vlan_tagged_interface" ] && \ >> append bss_conf >> "vlan_tagged_interface=$vlan_tagged_interface" "$N" >> } >> >> fi >> wps_possible=1 >> ;; >> You’re ‘normal’ SSID will try to use the radius configuration and since you >> don’t have all the parameters it will fail. >> >> What do you have with the command: >> >> logread >> >> Thanks, >> Ludovic Zammit >> [email protected] <mailto:[email protected]> :: +1.514.447.4918 >> <tel:%2B1.514.447.4918> (x145) :: www.inverse.ca <http://www.inverse.ca/> >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >> <http://packetfence.org/>) >> >> >> >> >> >>> Le 2015-06-02 à 12:28, Chris Abel <[email protected] >>> <mailto:[email protected]>> a écrit : >>> >>> Playing around with this some more, this is what I've learned: >>> >>> I can add multiple SSIDs as long as they all use packetfence. >>> The moment I add a normal SSID, wireless fails to start/enable. >>> >>> Here is "show uci wireless" when it is broken: >>> >>> wireless.radio0=wifi-device >>> >>> wireless.radio0.type=mac80211 >>> >>> wireless.radio0.channel=6 >>> >>> wireless.radio0.macaddr=04:18:d6:97:ea:4d >>> >>> wireless.radio0.hwmode=11ng >>> >>> wireless.radio0.ht_capab=SHORT-GI-20 SHORT-GI-40 TX-STBC RX-STBC1 >>> DSSS_CCK-40 >>> >>> wireless.radio0.txpower=27 >>> >>> wireless.radio0.htmode=HT20 >>> >>> wireless.radio0.country=US >>> >>> wireless.@wifi-iface[0]=wifi-iface >>> >>> wireless.@wifi-iface[0].device=radio0 >>> >>> wireless.@wifi-iface[0].mode=ap >>> >>> wireless.@wifi-iface[0].ssid=WiFi >>> >>> wireless.@wifi-iface[0].network=lan >>> >>> wireless.@wifi-iface[0].encryption=psk2 >>> >>> wireless.@wifi-iface[0].key=xxxxxxxxx >>> >>> wireless.@wifi-iface[0].auth_server=10.128.0.66 >>> >>> wireless.@wifi-iface[0].auth_port=1812 >>> >>> wireless.@wifi-iface[0].auth_secret=xxxxxxxxx >>> >>> wireless.@wifi-iface[0].acct_server=10.128.0.66 >>> >>> wireless.@wifi-iface[0].acct_port=1812 >>> >>> wireless.@wifi-iface[0].acct_secret=xxxxxxxxx >>> >>> wireless.@wifi-iface[0].dynamic_vlan=2 >>> >>> wireless.@wifi-iface[0].vlan_file=/etc/config/hostapd.vlan >>> >>> wireless.@wifi-iface[0].vlan_tagged_interface=eth0 >>> >>> wireless.@wifi-iface[0].dae_secret=xxxxxxxxx >>> >>> wireless.@wifi-iface[0].dae_client=10.128.0.66 >>> >>> wireless.@wifi-iface[0].macfilter=2 >>> >>> wireless.@wifi-iface[0].dae_port=3799 >>> >>> wireless.@wifi-iface[0].nasid=Ubiquiti >>> >>> wireless.@wifi-iface[1]=wifi-iface >>> >>> wireless.@wifi-iface[1].device=radio0 >>> >>> wireless.@wifi-iface[1].mode=ap >>> >>> wireless.@wifi-iface[1].ssid=Internal >>> >>> wireless.@wifi-iface[1].network=lan >>> >>> wireless.@wifi-iface[1].encryption=psk2 >>> >>> wireless.@wifi-iface[1].key=xxxxxxxxx >>> >>> wireless.@wifi-iface[1].hidden=1 >>> >>> wireless.@wifi-iface[1].auth_server=10.128.0.66 >>> >>> wireless.@wifi-iface[1].auth_port=1812 >>> >>> wireless.@wifi-iface[1].auth_secret=xxxxxxxxx >>> >>> wireless.@wifi-iface[1].acct_server=10.128.0.66 >>> >>> wireless.@wifi-iface[1].acct_port=1812 >>> >>> wireless.@wifi-iface[1].acct_secret=xxxxxxxxx >>> >>> wireless.@wifi-iface[1].dynamic_vlan=2 >>> >>> wireless.@wifi-iface[1].vlan_file=/etc/config/hostapd.vlan >>> >>> wireless.@wifi-iface[1].vlan_tagged_interface=eth0 >>> >>> wireless.@wifi-iface[1].macfilter=2 >>> >>> wireless.@wifi-iface[1].nasid=Ubiquiti >>> >>> wireless.@wifi-iface[2]=wifi-iface >>> >>> wireless.@wifi-iface[2].device=radio0 >>> >>> wireless.@wifi-iface[2].mode=ap >>> >>> wireless.@wifi-iface[2].ssid=OpenWrt >>> >>> wireless.@wifi-iface[2].encryption=none >>> >>> wireless.@wifi-iface[2].network=lan >>> >>> >>> >>> >>> >>> When the SSID WiFi and Internal are up, everything works great. When I add >>> the last SSID, wireless breaks. >>> >>> >>> On Tue, Jun 2, 2015 at 11:09 AM, Ludovic Zammit <[email protected] >>> <mailto:[email protected]>> wrote: >>> Hello Chris, >>> >>> Can you post the result of that command : >>> >>> uci show wireless >>> >>> Thanks, >>> Ludovic Zammit >>> [email protected] <mailto:[email protected]> :: +1.514.447.4918 >>> <tel:%2B1.514.447.4918> (x145) :: www.inverse.ca <http://www.inverse.ca/> >>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>> <http://packetfence.org/>) >>> >>> >>> >>> >>> >>>> Le 2015-06-01 à 11:55, Chris Abel <[email protected] >>>> <mailto:[email protected]>> a écrit : >>>> >>>> Hey Earl, >>>> >>>> I'm hitting one issue actually with the hostapd.sh file. Wireless becomes >>>> disabled when you try to configure multiple SSIDs. Do you also see this >>>> behavior? >>>> >>>> Thanks, >>>> Chris >>>> >>>> On Thu, May 28, 2015 at 3:13 PM, Earl Robinson <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> My pleasure Chris, >>>> >>>> I'm not really that familiar with the entire script and whether or not the >>>> version I've posted is fully functional, or if it just happens to work for >>>> my setup. I've reached out to the OpenWRT folks to see if there's some way >>>> to merge the functionality into the most recent hostapd.sh script, but I >>>> don't know yet what they're willing to do. >>>> >>>> -earl >>>> >>>> On Wed, May 27, 2015 at 12:45 PM, Chris Abel <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> Thanks so much Earl. Your hostapd.sh patch is working perfectly for me as >>>> well. Great to have PF work with the latest version of OpenWRT. >>>> >>>> On Thu, May 21, 2015 at 4:02 PM, Earl Robinson <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> I've got it working! >>>> >>>> The solution was merging your version of /lib/netifd/hostapd.sh with some >>>> changes from patch r41963 : https://dev.openwrt.org/changeset/41963 >>>> <https://dev.openwrt.org/changeset/41963>I think the secret sauce is the >>>> lines with vlan_naming. I've attached the version which is working for me. >>>> hostapd.sh : md5 2fcef5f0bf3b858f38a9132bde40868a >>>> >>>> This change tells the hostapd.sh script to join the wireless client to the >>>> existing bridge on vlan 11 named br-vlan11 rather than create a new bridge >>>> named breth0.11 >>>> >>>> Thanks again for your help >>>> -earl >>>> >>>> >>>> On Thu, May 21, 2015 at 2:46 PM, Earl Robinson <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> nope, I've got /etc/config/hostapd.vlan >>>> >>>> # cat /etc/config/hostapd.vlan >>>> * wlan0.# >>>> >>>> >>>> On Thu, May 21, 2015 at 2:23 PM, Ludovic Zammit <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> Earl, >>>> >>>> Maybe you’re missing that part in your configuration: >>>> >>>> vlan_file=/etc/config/hostapd.vlan >>>> >>>> That file should contain: >>>> >>>> * wlan0.# >>>> >>>> To add that line in your configuration: >>>> >>>> uci add_list wireless.@wifi-iface[0].vlan_file=/etc/config/hostapd.vlan >>>> >>>> It will add the configuration on the first SSID [0]. >>>> >>>> Thanks, >>>> Ludovic Zammit >>>> [email protected] <mailto:[email protected]> :: +1.514.447.4918 >>>> <tel:%2B1.514.447.4918> (x145) :: www.inverse.ca <http://www.inverse.ca/> >>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>>> <http://packetfence.org/>) >>>> >>>> >>>> >>>> >>>> >>>>> Le 2015-05-21 à 14:18, Ludovic Zammit < <mailto:[email protected]> > ------------------------------------------------------------------------------ > > _______________________________________________ > PacketFence-users mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://lists.sourceforge.net/lists/listinfo/packetfence-users> > > ... > > [Message clipped] > > > > -- > Chris Abel > Systems and Network Administrator > Wildwood Programs > 2995 Curry Road Extension > Schenectady, NY 12303 > 518-836-2341 > > > IMPORTANT NOTICE: This message and any attachments are solely for the > intended recipient and may contain confidential information, which is, or may > be, legally privileged or otherwise protected by law from further disclosure. > If you are not the intended recipient, any disclosure, copying, use, or > distribution of the information included in this email and any attachments is > prohibited. If you have received this communication in error, please notify > the sender by reply email and immediately and permanently delete this email > and any > attachments.------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
