WUWA Posted July 17, 2010

I set up my Fon using these instructions: http://www.hak5.org/w/index.php/Fon_Jasager_Install, and the Fon and Jasager (1.0) seem stable. However, the Fon does NOT give out IP addresses to wireless clients. I have tried several versions of editing /etc/config/dhcp and /etc/dnsmasq.conf, but to no avail.

My goal is NOT to IP forward through my laptop. I want to host a website on the Fon and direct clients to that site. I think that I can do that by resolving all addresses in dnsmasq to the localhost via "-A --address=/#/192.168.1.1"

So my two tasks are:
1) get the Fon to hand out IPs to clients trying to connect via the wireless
2) change the dnsmasq to resolve all addresses to the local host so that I can point clients to the /www/index.html site.

Does anyone know how to set up either of these?

Mr-Protocol Posted July 18, 2010

Please use search....

My Fon/Jasager install documentation.

1) Jailbreak Fon (Hak5 Forums) then Using Jasager Firmware 2.1 from digininja using FonFlash.exe or ap51-flash-fonera-gui1.0-42.exe
2) Telnet the fon (192.168.1.1) and 'passwd root' then 'reboot'
3) Use winscp424 and transfer over haserl_0.9.24-1_mips.ipk and webif_0.3-4709_mips.ipk to the /tmp directory on the fon
4) SSH (putty) into the fon and cd /tmp then run 'opkg install haserl...' when completed run 'opkg install webif...' then 'reboot'
5) Edit /etc/config/dhcp
    list 'dhcp_option' '3,192.168.169.16' **Sets Gateway to Laptop LAN card
    list 'dhcp_option' '6,8.8.8.8' **Sets DNS to GoogleDNS
6) Edit /karma/www/cgi-bin/functions.rb under "def create_interface()" add the following:
    system("sleep 1")
    system("brctl addif br-lan ath0 2>&1 > /dev/null")
7) Login webif, Network tab, DHCP subtab, Disable Bogus Private Reverse Lookups, Disable filterwin2k, Disable Localise Queries
   ---Save settings and apply
8) Login Webif, Network Tab, Networks subtab, Set IP address 192.168.169.169 with netmask 255.255.255.0
   ---Save settings and apply

Optional: edit /etc/banner

Then Boot BackTrack4 on laptop.
connect to wireless access point using network manager. (start-network)
then ifconfig eth0 192.168.169.16
check ifconfig make sure both interfaces have IP addresses
    echo 1 > /proc/sys/net/ipv4/ip_forward
    sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
login to Jasager interface http://192.168.169.169:1471
turn on ath0 button
add your ssid your laptop is getting internet from to the blacklist
enable karma

Edited July 18, 2010 by Mr-Protocol

WUWA (Author) Posted July 18, 2010

> Please use search.... My Fon/Jasager install documentation.

Then I did search, didn't find a solution. I appreciate your reply, but your solution is not what I'm looking for. As I mentioned, I am not IP forwarding through my laptop. I want the Fon to hand out dhcp addresses and DNS replies. Got a suggestion for the /etc/config/dhcp and /etc/dnsmasq.conf to make this work?

Mr-Protocol Posted July 18, 2010

In the above config, the Fon does give out DHCP. Its dns is using google DNS. If you set your dns to the fon on the clients it will just forward to the next hop of whatever it is plugged into. I don't understand why you are not using forwarding since the fon/jasager is kind of a MITM tool. So you don't want to MITM with it?

WUWA (Author) Posted July 18, 2010

> In the above config, the Fon does give out DHCP. Its dns is using google DNS. If you set your dns to the fon on the clients it will just forward to the next hop of whatever it is plugged into. I don't understand why you are not using forwarding since the fon/jasager is kind of a MITM tool. So you don't want to MITM with it?

Correct, I DON'T want to MitM with it, well, not with a connected laptop at least. I want it to be a stand-alone MitM. I want to use Jasager to answer any probes, and have the built-in-website serve up pages with no Ethernet (wired) connection to anything, and resolve all dns queries to the same IP. That is why I want to forward all dns queries to the Fon--it's answering the pages itself. That should be possible with -A --address=/#/192.168.1.1 in the dnsmasq.config but first I have to get the Fon to hand out IPs on the wan.

Right now Jasager works, but it connects with just the MAC. I've tried numerous settings to get the FON to hand out IPs on the wan, but it hasn't yet. I have noticed that sometimes dnsmasq handles Linux/Mac/Windows clients differently. It could be an issue that I'm using an iPhone as my troubleshooting victim, but I doubt it.

Anyway, I looked at your configuration. Maybe because you are using 2.1 and I'm using Jasager 1.0 yours hands out IPs on the wan by default, but there is nothing in your configuration that sets that up, and mine won't hand out IPs on the wan. Your dhcp configuration put the laptop as the gateway, which I suppose won't hurt since I'm staying on the local subnet, but that is not needed. I just need the dhcp on the wan interface. Thoughts?

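A client-side check for the catch-all DNS behaviour described in the post above (--address=/#/...), added here as an example that is not part of the original thread: it resolves random names that should not exist and flags a resolver that answers all of them with one address. The function names and verdict strings are assumptions of this example.

```python
import ipaddress
import secrets
import socket

def probe_names(count=4, tlds=("com", "net", "org", "invalid")):
    """Random names that should not exist ('invalid' is a reserved TLD)."""
    return [f"{secrets.token_hex(8)}.{tlds[i % len(tlds)]}" for i in range(count)]

def system_resolver(name):
    """Resolve through the OS resolver; None means no answer (e.g. NXDOMAIN)."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def check_catch_all(resolve=system_resolver, names=None):
    """Return (verdict, answers) for one round of probes.

    verdict: 'ok'                 no probe name resolved
             'catch-all'          every probe got the same public address
             'catch-all-private'  every probe got the same private address
             'suspicious'         some nonexistent names resolved
    """
    names = names or probe_names()
    answers = {n: resolve(n) for n in names}
    resolved = [a for a in answers.values() if a is not None]
    if not resolved:
        return "ok", answers
    if len(resolved) == len(names) and len(set(resolved)) == 1:
        private = ipaddress.ip_address(resolved[0]).is_private
        return ("catch-all-private" if private else "catch-all"), answers
    return "suspicious", answers

if __name__ == "__main__":
    # Constructed resolver that mimics address=/#/192.168.1.1 (no network needed).
    verdict, answers = check_catch_all(resolve=lambda name: "192.168.1.1")
    print(verdict)
    for name, addr in answers.items():
        print(f"  {name} -> {addr}")
```

Calling check_catch_all() with no arguments tests the resolver of the network the machine is currently on. A captive portal gives the same verdict before login, so the result is an indicator to investigate rather than proof of a rogue access point.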
Mr-Protocol Posted July 19, 2010

I put my laptop card on gateway so it would not use my other router or any other router to gateway. I am confused what you are trying to do. If a client connects to it and you don't have it wired to anything, it will not function. Unless you use a virtual WAN adapter setup and have it try to do two connections at once.

WUWA (Author) Posted July 19, 2010

> I put my laptop card on gateway so it would not use my other router or any other router to gateway. I am confused what you are trying to do. If a client connects to it and you don't have it wired to anything, it will not function. Unless you use a virtual WAN adapter setup and have it try to do two connections at once.

The question is how do I make dnsmasq hand out an IP address on the wan interface when it is currently not doing that?

Mr-Protocol Posted July 19, 2010

I think you need to edit /etc/config/dhcp to make it assign IPs

My Config currently

    config 'dnsmasq'
        option 'domainneeded' '1'
        option 'filterwin2k' '0'
        option 'local' '/lan/'
        option 'domain' 'lan'
        option 'expandhosts' '1'
        option 'nonegcache' '0'
        option 'authoritative' '1'
        option 'readethers' '1'
        option 'leasefile' '/tmp/dhcp.leases'
        option 'resolvfile' '/tmp/resolv.conf.auto'
        option 'boguspriv' '0'
        option 'localise_queries' '0'

    config 'dhcp' 'lan'
        option 'interface' 'lan'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '720m'
        option 'ignore' '0'
        list 'dhcp_option' '3,192.168.169.16'
        list 'dhcp_option' '6,8.8.8.8'

    config 'dhcp' 'wan'
        option 'interface' 'wan'
        option 'ignore' '1'
        option 'start' ''
        option 'limit' ''
        option 'leasetime' ''

I would try changing the wan config to ignore 0, set a start and limit, lease time, give it a gateway and DNS

Edit: With the config used above my clients get a 192.168.169.xx IP which is the network the Fon has made. Not sure why my Jasager's time is always off.

Edit2: Installed NTP client and time is fixed :P

Side note: Win7 picks up the Jasager as "Other Network"

Edited July 19, 2010 by Mr-Protocol

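An added example (not code from the thread): a small parser for the UCI syntax of /etc/config/dhcp that reports, per 'dhcp' section, whether the pool is switched off by ignore '1' and which of start, limit and leasetime are empty, as in the wan section above. SAMPLE is a constructed excerpt of the posted file; parse_uci and dhcp_pool_report are hypothetical names.

```python
import shlex

# Constructed sample, trimmed from the /etc/config/dhcp posted above.
SAMPLE = """
config 'dhcp' 'lan'
    option 'interface' 'lan'
    option 'start' '100'
    option 'limit' '150'
    option 'leasetime' '720m'
    option 'ignore' '0'
    list 'dhcp_option' '6,8.8.8.8'
config 'dhcp' 'wan'
    option 'interface' 'wan'
    option 'ignore' '1'
    option 'start' ''
    option 'limit' ''
    option 'leasetime' ''
"""

def parse_uci(text):
    """Parse UCI text into [section_type, section_name, options] entries."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)  # handles quoting and '#' comments
        if not tok:
            continue
        value = tok[2] if len(tok) > 2 else ""
        if tok[0] == "config" and len(tok) > 1:
            sections.append([tok[1], value, {}])
        elif tok[0] == "option" and sections and len(tok) > 1:
            sections[-1][2][tok[1]] = value
        elif tok[0] == "list" and sections and len(tok) > 1:
            sections[-1][2].setdefault(tok[1], []).append(value)
    return sections

def dhcp_pool_report(text):
    """Map each 'dhcp' section name to a status string."""
    report = {}
    for _, name, opts in (s for s in parse_uci(text) if s[0] == "dhcp"):
        if opts.get("ignore") == "1":
            # ignore '1' tells dnsmasq to skip this pool entirely
            report[name] = "disabled (ignore=1)"
        else:
            unset = [k for k in ("start", "limit", "leasetime") if not opts.get(k)]
            report[name] = "enabled" + (", unset: " + ",".join(unset) if unset else "")
    return report

if __name__ == "__main__":
    print(dhcp_pool_report(SAMPLE))
```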
WUWA (Author) Posted July 20, 2010

> I think you need to edit /etc/config/dhcp to make it assign IPs
>
> My Config currently
>
>     config 'dnsmasq'
>         option 'domainneeded' '1'
>         option 'filterwin2k' '0'
>         option 'local' '/lan/'
>         option 'domain' 'lan'
>         option 'expandhosts' '1'
>         option 'nonegcache' '0'
>         option 'authoritative' '1'
>         option 'readethers' '1'
>         option 'leasefile' '/tmp/dhcp.leases'
>         option 'resolvfile' '/tmp/resolv.conf.auto'
>         option 'boguspriv' '0'
>         option 'localise_queries' '0'
>
>     config 'dhcp' 'lan'
>         option 'interface' 'lan'
>         option 'start' '100'
>         option 'limit' '150'
>         option 'leasetime' '720m'
>         option 'ignore' '0'
>         list 'dhcp_option' '3,192.168.169.16'
>         list 'dhcp_option' '6,8.8.8.8'
>
>     config 'dhcp' 'wan'
>         option 'interface' 'wan'
>         option 'ignore' '1'
>         option 'start' ''
>         option 'limit' ''
>         option 'leasetime' ''
>
> I would try changing the wan config to ignore 0, set a start and limit, lease time, give it a gateway and DNS
>
> Edit: With the config used above my clients get a 192.168.169.xx IP which is the network the Fon has made. Not sure why my Jasager's time is always off.
>
> Edit2: Installed NTP client and time is fixed :P
>
> Side note: Win7 picks up the Jasager as "Other Network"

Now we are getting somewhere--the /etc/config/dhcp, like I initially thought. I've tried changing the wan config to ignore 0, setting a start and limit, lease time etc., and it still didn't assign an IP. I don't need a gateway and DNS since it is a stand-alone.

I do have a question on the Lan and Wan. Both of yours 192.168.169.xx... did you just change them because the subnet conflicted with your network? I think that both the wan and lan need to be on the same subnet because the Lan and Wan are bridged, right? Anyway, I'll try your config with 192.168.1.x, but leave off the dhcp_options 3 and 6 (gw/dns).

Are there any other files besides /etc/config/dhcp and /etc/dnsmasq.conf that you think may need to be changed to enable dhcp to the wan?

Mr-Protocol Posted July 20, 2010

I set the network to be 192.168.169.x because I have a 192.168.1.x network. Sometimes it may be 192.168.0.1 so I picked something off the wall to use. That way if I connect to wifi on my laptop the IP won't be in the same subnet as crossover LAN port on my laptop which the Fon/Jasager is using. Setup forwarding and problem solved.

Wan and LAN are usually separated. Some routers have a LAN ip of 192.168.1.x and WAN for wireless users 192.168.0.x

As far as I think of. Yes they have to be on the same subnet if you bridge them. If you forward I don't think they have to.

If your fon does not have a DHCP or DNS then you just want all your wireless users to connect to each other? Nothing in the WAN RJ45 port on the Fon/Jasager?

Edited July 20, 2010 by Mr-Protocol

WUWA (Author) Posted July 20, 2010

> I set the network to be 192.168.169.x because I have a 192.168.1.x network. Sometimes it may be 192.168.0.1 so I picked something off the wall to use. That way if I connect to wifi on my laptop the IP won't be in the same subnet as crossover LAN port on my laptop which the Fon/Jasager is using. Setup forwarding and problem solved.
>
> Wan and LAN are usually separated. Some routers have a LAN ip of 192.168.1.x and WAN for wireless users 192.168.0.x
>
> As far as I think of. Yes they have to be on the same subnet if you bridge them. If you forward I don't think they have to.
>
> If your fon does not have a DHCP or DNS then you just want all your wireless users to connect to each other? Nothing in the WAN RJ45 port on the Fon/Jasager?

So yours are on separate networks by default? I didn't do anything special to bridge them--I thought they were bridged by default=same network. The webif says lan configuration is bridged (by default).

Mr-Protocol Posted July 20, 2010

I'm not all sure what webif modifies. But inside the fon/jasager. Both interfaces are on the same subnet/lan range. So is my network port on my laptop I use to forward the traffic to whatever network my wireless connects to.

WUWA (Author) Posted July 20, 2010

> I'm not all sure what webif modifies. But inside the fon/jasager. Both interfaces are on the same subnet/lan range. So is my network port on my laptop I use to forward the traffic to whatever network my wireless connects to.

Thanks for your help, I really do appreciate it. Your posts led me to try out the GUI to get dnsmasq.conf configured and using that I got it all working. If you want to see it, go to http://beboblog.johnbebo.com/2010/03/13/fo...nd-jasager.aspx

Don't mind the formatting of the site... Godaddy has a way of messing it up on me after I've posted it.

Mr-Protocol Posted July 20, 2010

Ahh now I understand what you were trying to do. I added an NTP Client to mine so it got the correct date and time. Somewhere on the forums here is a spot where it says where you can add scripts to run on startup. I think it may be coded in Ruby.

WUWA (Author) Posted July 20, 2010

> Ahh now I understand what you were trying to do. I added an NTP Client to mine so it got the correct date and time. Somewhere on the forums here is a spot where it says where you can add scripts to run on startup. I think it may be coded in Ruby.

Got it. I just had to add this to the end of the start section of /etc/init.d/karma_ui

    wlanconfig ath0 create wlandev wifi0 wlanmode master &
    ifconfig ath0 192.168.1.2 up &
    iwpriv ath0 karma 1 &