wpa_supplicant / ndiswrapper / Dell WLAN 1450 / Slackware issues
 

Going nuts here. I'm a semi-newbie to Linux. Configuration:

Laptop:
Dell Inspiron 600m
Dell Wireless 1450 a/b/g card
Dual boot to: Slackware 10 (fully patched to current via swaret and kernel 2.6.9) and Windows XP
NDISWrapper 0.11 because the 1450 is Broadcomm based (booo!!!!!!!!!)
WPA_supplicant 0.3.2 (tried 0.3.1 & 0.2.5 also with no luck)

Network:
D-Link DI-614+ (patched to firmware 3.43)
hidden ssid
set to WPA-PSK

The D-Link connects fine when in Windows. If I try to connect in Slackware to a non-encrypted WLAN (not my own, but for instance in a coffee shop), NDISWrapper works fine.

wpa_supplicant.conf:

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
#
# home network; allow all valid ciphers
network={
ssid="ssid is entered here (not going to reveal it)"
scan_ssid=0
#ap_scan=2
key_mgmt=WPA-PSK
psk="key is entered here (not going to reveal it)"
}
#

Note, by the way, that the ap_scan line, while I'd like to use it, doesn't work - I get "Line 8: unknown network field 'ap_scan') (this is PROBLEM 1)

Here's what happens with the ap_scan line commented out:

bash-3.00# wpa_supplicant -iwlan0 -c/etc/wpa_supplicant.conf -dd
Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'default'
Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
Reading configuration file '/etc/wpa_supplicant.conf'
Line 1: Invalid configuration line 'ctrl_interface=/var/run/wpa_supplicant'.
Line 2: Invalid configuration line 'ctrl_interface_group=0'.
Line: 5 - start of a new network block
ssid - hexdump_ascii(len=(value here removed)):
(normally there's a bunch of hex here with my ssid at the end - I removed it)
scan_ssid=0 (0x0)
key_mgmt: 0x2
PSK (ASCII passphrase) - hexdump_ascii(len=63): [REMOVED]
PSK (from passphrase) - hexdump(len=32): [REMOVED]
Priority group 0
id=0 ssid='(ssid removed)'
Failed to read configuration file '/etc/wpa_supplicant.conf'.


Ideas? The ap_scan line should work - it doesn't. The program doesn't like the first two lines of the conf file either...Help!

- Phil

Found a solution
 

Thanks to Jouni Malinen on the HOSTAP list, he told me that:

1) ap_scan is a global variable - it should be up with the ctrl_interface lines at the beginning of the file - it can't be in any network block

2) I needed to add to my .config file CONFIG_CTRL_IFACE=y to use the ctrl_interface lines in .config. running make again and copying the files over to /usr/local/bin did the trick.

Now I discovered that my DI-614+ requires ap_scan to equal 1 (0 or 2 won't work) AND I have to enable broadcast ssid :(

Anybody got any ideas on how to configure wpa_supplicant to NOT require that? Or is this a NDISWrapper issue?

- Phil

Can't answer the first part, but as for the SSID broadcast, let it on. It's a myth that it provides any security.

The SSID is broadcast everytime a client device probes the AP, even if the beacon (so-called SSID broadcast) is off - in the clear and unencrypted whether or not you use WEP or WPA. Similarly, MAC addresses of the AP and clients are passed in the clear (which is why MAC address filtering is of little benefit.

Kismet and similar tools will still detect your wireless network and, once probed by either the bad guy or by one of your devices, the SSID will appear.

There's no way to hide a radio if it's on. Disabling the beacon can cause connection difficulties with certain configurations and makes it harder for the average Joe to set up an AP on a less crowded channel.

I get these lines as well and am thinking they are my problem. Can anyone help?

chris