http://www.adamsinfo.com/custom-linux-router-routing-split-access-and-more/
So, now that I have this router set up and working, it is time to customize it somewhat.
In terms of networking, we have three 10/100 Ethernet ports and one wireless adapter, and this is set up as follows:
Internet comes in on eth1 and eth2, both of which have public IPs. eth0, another Ethernet interface, is bridged with ath0, my wireless interface (in master mode, with WPA-PSK/TKIP and hostap running), to form br-lan, whose IP is 192.168.100.1 and which is connected via a switch to feed the LAN PCs.
I’m using a pretty simple netfilter masquerade script with this for NAT.
My LAN devices are then on the 192.168.100.0/24 network and all works perfectly.
I run a UPnP daemon on there which, it should be noted, is awful in terms of security. It allows any networked PC to dynamically open and close forwarded ports. Great for keeping Skype, MSN and BitTorrent happy, but not so great on a public LAN where any PC can open, close and redirect any port on the external interface.
To reiterate: UPNP IS NOT SECURE
Now it’s time to set up split access on all outbound connections. Using iproute2, we can set up multiple providers and load-balanced access. This guide: http://lartc.org/howto/lartc.rpdb.multiple-links.html works great, but replace T1 and T2 in table names with 1 and 2. Perhaps the guide is outdated, who knows, but with that change made, all works, and accessing various “check my IP” sites will return either of the two external IPs bound to eth1 and eth2 of my router.
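The split-access setup described above, sketched as a dry-run generator (an added example, not the script from the original post). It follows the linked guide's commands with numeric tables 1 and 2, which need no entry in /etc/iproute2/rt_tables, whereas names such as T1 do. Assumptions: the public IPs, networks and gateways are constructed placeholders from the documentation ranges, and `ip route replace` is used in place of the guide's `ip route add` so existing routes do not cause errors.

```shell
#!/bin/sh
# Added example: prints the iproute2 commands for two uplinks, tables 1 and 2.
# Interface names and the LAN network come from the post. Every public
# address below is a constructed placeholder (RFC 5737 documentation ranges).
IF0=br-lan; P0_NET=192.168.100.0/24
IF1=eth1; IP1=198.51.100.10; P1_NET=198.51.100.0/24; P1=198.51.100.1
IF2=eth2; IP2=203.0.113.10;  P2_NET=203.0.113.0/24;  P2=203.0.113.1

# Print the commands for one provider.
# Args: table-id interface local-ip provider-network gateway
provider_cmds() {
    # Per-provider table: link route and default route via that gateway.
    echo "ip route replace $4 dev $2 src $3 table $1"
    echo "ip route replace default via $5 table $1"
    # Keep the LAN reachable from the per-provider table.
    echo "ip route replace $P0_NET dev $IF0 table $1"
    # Main table: reach the provider's network through its own interface.
    echo "ip route replace $4 dev $2 src $3"
    # Packets sourced from this public IP use this provider's table.
    echo "ip rule add from $3 table $1"
}

# Print the full command list: both providers plus the balanced default.
split_access_cmds() {
    provider_cmds 1 "$IF1" "$IP1" "$P1_NET" "$P1"
    provider_cmds 2 "$IF2" "$IP2" "$P2_NET" "$P2"
    # Multipath default route: new outbound flows are spread over both links.
    echo "ip route replace default scope global" \
         "nexthop via $P1 dev $IF1 weight 1" \
         "nexthop via $P2 dev $IF2 weight 1"
}

# Nothing is changed by default. Set APPLY=1 (as root, once at boot) to
# execute the printed commands; sh -e stops at the first failing command.
if [ "${APPLY:-0}" = 1 ]; then
    split_access_cmds | sh -e
fi
```

Call `split_access_cmds` to review the generated commands before applying them.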