Tux

...making Linux just a little more fun!

Wicd Wireless on Boot

Carey Riley [crileyjm at gmail.com]


Sat, 8 Aug 2009 03:21:01 -0500

Greetings:

Do any of you use wicd? I wish to know how to automatically share the wireless on boot. At the moment, the connection to the wired setup is automatically done (by dhcpcd/wicd combination). But the wireless internet sharing has to be set manually.

Thanks in advance.


Top    Back


Thomas Adam [thomas.adam22 at gmail.com]


Sat, 8 Aug 2009 12:01:56 +0100

2009/8/8 Carey Riley <[email protected]>:

> Greetings:
>
> Do any of you use wicd? I wish to know how to automatically
> share the wireless on boot. At the moment, the connection
> to the wired setup is automatically done (by dhcpcd/wicd combination).
> But the wireless internet sharing has to be set manually.

What are you asking? I use Wicd, it starts at boot; I have an Internet connection.

-- Thomas Adam


Top    Back


Ben Okopnik [ben at linuxgazette.net]


Sat, 8 Aug 2009 09:32:20 -0500

On Sat, Aug 08, 2009 at 03:21:01AM -0500, Carey Riley wrote:

> Greetings:
> 
> Do any of you use wicd?

Present and accounted for!

> I wish to know how to automatically
> share the wireless on boot. At the moment, the connection
> to the wired setup is automatically done (by dhcpcd/wicd combination).
> But the wireless internet sharing has to be set manually.

Well, NAT and such aren't normally handled by network connection managers - that's not their job (although you certainly could set up a script to be run when you connect.) If you want to set up sharing with, e.g., your wlan0 as the gateway, you need to set up the IP forwarding at your gateway and appropriate routing at your clients. If you then auto-run these scripts at start time, you'll be all set.

As an example, you could do something like this for the gateway NAT script:

#!/bin/bash
# Created by Ben Okopnik on Sat Aug  8 09:23:24 CDT 2009
 
# IP range for which to forward packets
ip=192.168.0.0/16
 
# Enable forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward
 
# Flush iptables, just in case of weirdness
iptables -F
 
# Masquerade any outgoing packets
iptables -t nat -I POSTROUTING -j MASQUERADE -s $ip
 
# Forward any packets FOR host (except SpamAssassin)
iptables -I FORWARD -s $ip --protocol tcp --sport ! 783 -j ACCEPT
iptables -I FORWARD -s $ip --protocol udp --sport ! 783 -j ACCEPT
 
# Forward any packets FROM host (except Spamassassin)
iptables -I FORWARD -d $ip --protocol tcp --dport ! 783 -j ACCEPT
iptables -I FORWARD -d $ip --protocol udp --dport ! 783 -j ACCEPT
 
# Display the FORWARD chain as confirmation
iptables -nL FORWARD

Then, on your clients, just make sure that their IPs are in the right range and give them the right routing info. Assuming that your gateway is at 192.168.0.100, that would look like this:

sudo route add default gw 192.168.0.100

At that point, you should be up and running.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *


Top    Back


Carey Riley [crileyjm at gmail.com]


Sat, 8 Aug 2009 12:29:01 -0500

All the iptables issues have been cleared - thanks to ufw and the wonderful Arch Wikis. I am pondering using the scripts option to do preconnection.

The issue is while the dsl-pc connection is automagically configged, I have to manually set the NAT-ed internal wireless to 192.168.0.1. Still haven't figured out how to script that part.


Top    Back


Anderson Silva [afsilva at gmail.com]


Sat, 8 Aug 2009 14:04:54 -0400

I know the question is about wicd, but the latest versions of Network Manager allow wireless sharing and it is very easy to set it up. It uses dnsmasq, if you google for it you will find tutorials on how to do it.

AS

-- 
http://www.the-silvas.com


Top    Back


Ben Okopnik [ben at linuxgazette.net]


Sat, 8 Aug 2009 14:19:29 -0500

On Sat, Aug 08, 2009 at 09:32:20AM -0500, Benjamin Okopnik wrote:

> 
> Well, NAT and such aren't normally handled by network connection
> managers - that's not their job (although you certainly could set up a
> script to be run when you connect.) If you want to set up sharing with,
> e.g., your wlan0 as the gateway, [...]
             ^^^^^

Erm, silly thing of me to say - don't know what I was thinking. The interface through which you connect your NAT gateway to the world is, of course, completely irrelevant; its own routing table handles that, and that's generally not something you need to worry about.

-- 
* Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *


Top    Back


Carey Riley [crileyjm at gmail.com]


Sat, 8 Aug 2009 14:46:02 -0500

On Sat, Aug 08, 2009 at 02:04:54PM -0400, Anderson Silva wrote:

> I know the question is about wicd, but the latest versions of Network
> Manager allow wireless sharing and it is very easy to set it up. It
> uses dnsmasq, if you google for it you will find tutorials on how to
> do it.
> 
> AS

Here is my short story:

- Had Fedora 11 x86-64 running but could not figure how to strip it to known components.

- Changed to Arch64, but some confusion with Avahi - which I was late to discover - caused to reinstall to Arch i686.

Trying to keep the software as thin as I could. So NetworkManager and it's dependencies are out of the question.

Maybe the reason I haven't solved this yet is because of my bad habit of trying to do 5 things simultaeneously. At the moment testing 0install, comparing qemu and VB and trying to migrate my 60GB of data from an EXT3 partition to LVM2 on a total drive space of 80GB. Maybe fsarchiver will do the trick.

Will keep the list posted when I make leeway with the networking.


Top    Back


Carey Riley [crileyjm at gmail.com]


Sat, 8 Aug 2009 14:52:58 -0500

On Sat, Aug 08, 2009 at 02:19:29PM -0500, Ben Okopnik wrote:

> Erm, silly thing of me to say - don't know what I was thinking. The
> interface through which you connect your NAT gateway to the world is,
> of course, completely irrelevant; its own routing table handles that,
> and that's generally not something you need to worry about.

UFW's documentation made that quite easy to accomplish (http://en.wikipedia.org/wiki/UFW) Though there were a few days when I failed to look at the reflection of what goes in must come out [What goes out must come in]. Forgot to allow the answers to the system that sent the request.


Top    Back


Carey Riley [crileyjm at gmail.com]


Sat, 8 Aug 2009 17:32:22 -0500

Besides avoiding dependencies, NM is a stubborn fellow. It loves to interfere with user-specified settings. IPv6 isn't yet supported either, though I don't presently use it. And when NM is disabled it takes the settings with it deeming the old networks daemon useless.

By the way, it seems ipv6 Internet very different from the present protocol. All the pages I visit have dancing logos (well ipv6.google.com).


Top    Back


Thomas Adam [thomas.adam22 at gmail.com]


Sat, 8 Aug 2009 23:35:53 +0100

2009/8/8 Carey Riley <[email protected]>:

> Besides avoiding dependencies, NM is a stubborn fellow. It loves to
> interfere with user-specified settings. IPv6 isn't yet supported either,
> though I don't presently use it. And when NM is disabled it takes the
> settings with it deeming the old networks daemon useless.
>
> By the way, it seems ipv6 Internet very different from the present
> protocol. All the pages I visit have dancing logos (well
> ipv6.google.com).

Some of my colleagues at work have come up with this:

http://areyou.v6ready.info/

IPv6 will happen... whether it's a big thing or not is unclear.

-- Thomas Adam


Top    Back


Carey Riley [crileyjm at gmail.com]


Thu, 13 Aug 2009 22:40:48 -0500

On Sat, Aug 08, 2009 at 09:32:20AM -0500, Ben Okopnik wrote:

> 
> Well, NAT and such aren't normally handled by network connection
> managers - that's not their job (although you certainly could set up a
> script to be run when you connect.) If you want to set up sharing with,
> e.g., your wlan0 as the gateway, you need to set up the IP forwarding at
> your gateway and appropriate routing at your clients. If you then
> auto-run these scripts at start time, you'll be all set.
> 
> As an example, you could do something like this for the gateway NAT
> script:
> 
> ```
> #!/bin/bash
> # Created by Ben Okopnik on Sat Aug  8 09:23:24 CDT 2009
> 
> # IP range for which to forward packets
> ip=192.168.0.0/16
> 
> # Enable forwarding in the kernel
> echo 1 > /proc/sys/net/ipv4/ip_forward
> 
> # Flush iptables, just in case of weirdness
> iptables -F
> 
> # Masquerade any outgoing packets
> iptables -t nat -I POSTROUTING -j MASQUERADE -s $ip
> 
> # Forward any packets FOR host (except SpamAssassin)
> iptables -I FORWARD -s $ip --protocol tcp --sport ! 783 -j ACCEPT
> iptables -I FORWARD -s $ip --protocol udp --sport ! 783 -j ACCEPT
> 
> # Forward any packets FROM host (except Spamassassin)
> iptables -I FORWARD -d $ip --protocol tcp --dport ! 783 -j ACCEPT
> iptables -I FORWARD -d $ip --protocol udp --dport ! 783 -j ACCEPT
> 
> # Display the FORWARD chain as confirmation
> iptables -nL FORWARD
> '''
> 
> Then, on your clients, just make sure that their IPs are in the right
> range and give them the right routing info. Assuming that your gateway
> is at 192.168.0.100, that would look like this:
> 
> ```
> sudo route add default gw 192.168.0.100
> '''
> 
> At that point, you should be up and running.
Thnanks for this. This is like a summary of all I have read. Was reading too late at night/early in the morning, so opted for UFW instead.

Below is what I gather from this script you created. (I haven't tested it yet):

#!/bin/bash
##Originated from Ben Okopnik
##
##The UFW option
##Below should be entered in the /etc/ufw/before.rules 
##Start here (remove comments)
#*nat
#:POSTROUTING ACCEPT [0:0]
 
# Forward traffic from eth1 through eth0.
#-A POSTROUTING -s <ip range> -o eth0 -j MASQUERADE
 
# don't delete the 'COMMIT' line or these nat table rules won't be
## processed
#COMMIT
##End here
##Set DEFAULT_FORWARD_POLICY="ACCEPT" in /etc/defaults/ufw
##UFW can use sysctl.conf options. Enable forwarding from there also.
##My attempt at using ufw as a frontend
#Forward to this range (reduced the subnet size)
ip=192.168.0.0/24
 
#Flush tables
ufw disable
 
#Forwarding rules
ufw allow from $ip
ufw allow to $ip
ufw deny from $ip port 783
ufw deny to $ip port 783
 
#Activate tables, logging and firewall
ufw logging on
ufw enable
 
#Display all chains
ufw show raw
exit

That should do it.

-- 
                                    
My Profile:
[http://www.linkedin.com/in/careyriley]
--------------------------------------


Top    Back


Carey Riley [crileyjm at gmail.com]


Fri, 14 Aug 2009 14:25:47 -0500

Also to clear up a misunderstanding. There is no problem with NAT. The problem is automating iwconfig settings to the Zydas wireless adapter, then automating addressing with wicd.

Here is the process that goes on: boot -> wicd uses dhcpcd -> ufw sets up iptables -> net is ready!

The next step needs automation: (NAT is already functioning; just waiting for the packets) wicd-client -> create ad-hoc network with $ip on chan 11 and internet sharing enabled -> done

I am going to try to flowchart this. I am so not used to programming, I stray away from the recipe when I cook :-(.

-- 
                                    
My Profile:
[http://www.linkedin.com/in/careyriley]
--------------------------------------


Top    Back