Hi Tom,
Le Thu, 4 Jun 2015 07:26:55 -0400, Tom Tomson nobol...@gmail.com a
écrit :
Hi everybody,
although I am apparently not the only one with problems like these. Still,
I have not found a solution by looking through the list - that's why I am
posting this mail. Sorry, if I should have overseen any important hint -
feel free to point me to the right direction...
So, here is my issue:
I have set up my (Debian based) Kali system (Linux kali 3.18.0-kali3-amd64
#1 SMP Debian 3.18.6-1~kali2 (2015-03-02) x86_64 GNU/Linux) to provide a
wireless access point with hostapd (v1.0). To provide clients with IP
addresses, I am using dnsmasq (version 2.62).
The configured SSID gets advertised and when I connect to it (e.g. with my
smartphone) the device will be briefly authenticated and immediately
deauthenticated.
tail -f /var/log/syslog
Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
authenticated
Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
associated (aid 1)
Jun 3 18:33:04 kali hostapd: wlan1: STA d8:96:95:27:30:b4 RADIUS: starting
accounting session 556F807A-
Jun 3 18:33:06 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
disassociated
Jun 3 18:33:07 kali hostapd: wlan1: STA d8:96:95:27:30:b4 IEEE 802.11:
deauthenticated due to inactivity
Apparently this deauthentication is due to the device not getting an IP
address via DHCP. When I look for network traffic on the wifi interface, I
will see the DHCP requests:
# tcpdump -i wlan1 ip
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan1, link-type EN10MB (Ethernet), capture size 65535 bytes
18:33:04.694155 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:04.694254 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:06.172565 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
18:33:06.172641 IP 0.0.0.0.bootpc 255.255.255.255.bootps: BOOTP/DHCP,
Request from d8:96:95:27:30:b4 (oui Unknown), length 300
In the dnsmasq log I can see the corresponding requests:
# tail -f /var/log/dnsmasq.log
Jun 3 17:57:59 dnsmasq[11398]: exiting on receipt of SIGTERM
Jun 3 17:58:01 dnsmasq[11511]: started, version 2.62 cachesize 150
Jun 3 17:58:01 dnsmasq[11511]: compile time options: IPv6 GNU-getopt DBus
i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack
Jun 3 17:58:01 dnsmasq[11511]: warning: no upstream servers configured
Jun 3 17:58:01 dnsmasq-dhcp[11511]: DHCP, IP range 10.0.0.10 --
10.0.0.250, lease time 12h
Jun 3 17:58:01 dnsmasq[11511]: read /etc/hosts - 5 addresses
Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 available DHCP range:
10.0.0.10 -- 10.0.0.250
Jun 3 18:33:04 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC
Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 available DHCP range:
10.0.0.10 -- 10.0.0.250
Jun 3 18:33:06 dnsmasq-dhcp[11511]: 151532460 client provides name: iTC
So, the DHCP requests apparently reach the dnsmasq daemon - however this
guy is not responding in any way. But why???
Here is my dnsmasq config:
# cat /etc/dnsmasq.conf
log-facility=/var/log/dnsmasq.log
interface=wlan1
dhcp-range=10.0.0.10,10.0.0.250,12h
dhcp-option=1,255.255.255.0
dhcp-option=3,10.0.0.1
dhcp-option=6,10.0.0.1
log-queries
log-dhcp
What are the configurations of the wlan1 and eth0 interfaces ?
iptables is configured to forward traffic from the wifi interface to eth0,
but has no other restrictions:
This does not forward traffic from the wifi interface to eth0, this
just forwards anything (policy is ACCEPT); the wlan1/eth0 specific
line does nothing. Besides, what is the point of forwarding traffic
from wlan1 to eth0? Either packets incoming on wlan1 all have a
destination IP in the subnet where eth0 belongs, and the kernel will
route them anyway, r they have a destination outside the eth0 subnet,
and they should not be routed to eth0.
# iptables -L -v
Chain INPUT (policy ACCEPT 6784 packets, 9546K bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- wlan1 eth0anywhere
anywhere
Chain OUTPUT (policy ACCEPT 6900 packets, 923K bytes)
pkts bytes target prot opt in out source
destination
Is there any way to get more debugging information? Or does anybody on this
list have a solution to this strange behaviour?
Any help is greatly appreciated!
Regards,
Tom
Amicalement,
--
Albert.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
