# wpa_supplicant -- scanning problems

## der bastler

Hardware setup at home:

router/AP -- Linksys WRT54GS; WPA-PSK, no SSID broadcast

client -- Netgear WG511 v3 made-in-china (PCMCIA card; needs ndiswrapper)

Software versions: 

net-wireless/wpa_supplicant-0.3.8

net-wireless/ndiswrapper-1.1-r1

sys-apps/baselayout-1.11.13

Configurations:

/etc/wpa_supplicant.conf

```
ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=0

eapol_version=2

ap_scan=2

fast_reauth=1

network={

        ssid="xxx"

        scan_ssid=1

        key_mgmt=NONE

        wep_key0="xxx"

        priority=0

}

network={

        ssid="yyy"

        scan_ssid=1

        pairwise=TKIP CCMP

        group=TKIP CCMP

        proto=WPA

        key_mgmt=WPA-PSK

        psk="yyy"

        priority=5

}
```

/etc/conf.d/wpa_supplicant

```
INTERFACES="wlan0"

ARGS="-w"
```

/etc/conf.d/net

```
config_eth0=( "dhcp" )

dhcpcd_eth0=( "-t 10 -R" )

modules_wlan0=( "wpa_supplicant" )

wpa_supplicant_wlan0="-Dndiswrapper"

wpa_timeout_wlan0=15

config_wlan0=( "dhcp" )

dhcpcd_wlan0=( "-t 10 -R" )
```

With ap_scan=1 wpa_supplicant throws something like this

```
ioctl[SIOCSIWSCAN{,EXT}]: No such device

Failed to initiate AP scan.
```

With ap_scan=2 wpa_supplicant ought to check its network block list, but instead it repeats only the first entry:

```
Trying to associate with SSID 'xxx'

Authentication with 00:00:00:00:00:00 timed out.

Trying to associate with SSID 'xxx'

Authentication with 00:00:00:00:00:00 timed out.

Trying to associate with SSID 'xxx'
```

(SSID deleted, in every case it is the first on the list)

Upgrading towards wpa_supplicant-0.4something is not possible because the compilation of wpa_gui fails...

If I use ap_scan=2 I can use one entry (the first network block), but that is no solution either because this laptop needs to connect to at least two different access points ("home" and "work"). 

Anyway, with ap_scan=2 plus a different order of the network blocks I can associate with my Linksys AP by calling wpa_supplicant directly --but that's all, configuration of wlan0 fails. The wpa_supplicant init script fails, too. 

To mention: I'm using the combination WG511+ndiswrapper+WEP (via /etc/conf.d/wireless) for more than half a year now at work (WLAN needed to talk to robot at lab), without any problem. Setup was mere child's play. 

Setting up WPA this weekend was a pita, resulting in multiple kernel builds and --in the end-- a new glibc (wpa_supplicant failed to compile with my glibc-version, but that dependency was listed nowhere).

I switched of WLAN at my router for now and returned to my old lab-WEP-config. Insecure WLAN at work, no WLAN at home. *sigh*

----------

## Kruegi

Reactivate the SSID broadcast!

It does not give security but problems.

Thomas

----------

## der bastler

SSID broadcast is still off, however I'm writing this comment over WLAN right now!

What did I do?

* fetched newest gentoo-sources kernel 

* patched with wireless extensions 18 (http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/iw_we18-5.diff)

* recompiled kernel, wpa_supplicant (stable), wireless-tools (stable), ndiswrapper (~x86)

* used ap_scan=2

```
ctrl_interface=/var/run/wpa_supplicant

ctrl_interface_group=0

eapol_version=1

ap_scan=2

network{

...

}
```

This way my PCMCIA card can at least connect to the first network block in the list, using WPA-PSK with CCMP... even hotplug works!

But with ap_scan=2 the other network blocks are skipped. According to the changelog of the development branch

http://hostap.epitest.fi/cgi-bin/viewcvs.cgi/*checkout*/hostap/wpa_supplicant/ChangeLog?rev=HEAD&content-type=text/plain

this behaviour is fixed in 0.4.2...

...which I cannot use. Explanation: the next possible version would be 0.4.3, which

a) is masked (ok, that would not stop me),

b) needs baselayout-1.11.13 (buggy; has problems finding wireless tools/wpa_supplicant),

c) fails to compile due to an error in wpa_gui (updating QT did not solve this).

I guess patience is a virtue...

--

Using ap_scan=1 results in a new scan error:

```
ioctl[SIOCSIWSCAN{,EXT}]: argument list too long

Failed to initiate AP scan.
```

With the old setup it was complaining about no device, no it grumbles because of too many arguments. Seems it is getting better, eh?  :Rolling Eyes: 

----------

## der bastler

As long as ap_scan=1 is not working for me I did a small work-around:

setup:

sys-kernel/gentoo-sources-2.6.12-r6

net-wireless/wpa_supplicant-0.3.8

net-wireless/wireless-tools-27

net-wireless/ndiswrapper-1.2

(All SSIDs, keys or non-192.168 IPs were masked)

/etc/conf.d/net

```
# This blank configuration will automatically use DHCP for any net.*

# scripts in /etc/init.d.  To create a more complete configuration,

# please review /etc/conf.d/net.example and save your configuration

# in /etc/conf.d/net (this file :]!).

#### cfg options for primary nic eth0 ####

config_eth0=( "dhcp" )

dhcpcd_eth0=( "-t 10 -R" )

### cfg options for wifi nic wlan0 ###

modules_wlan0=( "dhcpcd" "wpa_supplicant" )

wpa_supplicant_wlan0="-Dndiswrapper"

wpa_timeout_wlan0=10

### parameters of home wlan ###

config_HOMESSID=( "dhcp" )

dhcpcd_HOMESSID=( "-t 10 -R" )

### parameters of lab wlan ###

config_LABSSID=( "dhcp" )

dhcpcd_LABSSID=( "-t 10 -R" )

routes_LABSSID="-net 192.168.1.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX wlan0"

### before net startup: do custom ssid scan     ###

### resulting in a tailored wpa_supplicant.conf ###

preup() {

        if [ ${IFACE} == "wlan0" ]; then

                # get list of ssids

                ssid_vis=`iwlist wlan0 scan | grep SSID`

                # initialise lab_ssid flag

                lab_ssid="no"

                # for every field in ssid string...

                for ssid_val in $ssid_vis; do

                        # test if lab ssid is matched and set flag

                        if [ "$ssid_val" == 'ESSID:"LABSSID"' ]; then

                                lab_ssid="yes"

                        fi

                done

                # create wpa_supplicant.conf

                if [ "$lab_ssid" == "yes" ]; then

                        cat /etc/wpa_supplicant.conf.base > /etc/wpa_supplicant.conf

                        cat /etc/wpa_supplicant.conf.lab >> /etc/wpa_supplicant.conf

                else

                        cat /etc/wpa_supplicant.conf.base > /etc/wpa_supplicant.conf

                        cat /etc/wpa_supplicant.conf.home >> /etc/wpa_supplicant.conf

                fi

                # hide contents (keys,ssids) to non-root users

                chmod og-r /etc/wpa_supplicant.conf

        fi

        return 0

}

### after net startup: switch on wlan led ###

postup() {

        if [ ${IFACE} == "wlan0" ]; then

                echo 1 > /proc/acpi/asus/wled

        fi

        return 0

}

### after net shutdown: switch off wlan led ###

postdown() {

        if [ ${IFACE} == "wlan0" ]; then

                echo 0 > /proc/acpi/asus/wled

        fi

        return 0

}
```

/etc/wpa_supplicant.conf.base

```
##### wpa_supplicant configuration file ########################################

# Empty lines and lines starting with # are ignored

#

# NOTE! This file may contain password information and should probably be made

# readable only by root user on multiuser systems.

################################################################################

#-------------------------------------------------------------------------------

# global configuration (shared by all network blocks)

#-------------------------------------------------------------------------------

ctrl_interface=/var/run/wpa_supplicant

#-------------------------------------------------------------------------------

# Access control: only root permitted

#-------------------------------------------------------------------------------

ctrl_interface_group=0

#-------------------------------------------------------------------------------

# IEEE 802.1X/EAPOL version (1=compatibility, new: 2)

#-------------------------------------------------------------------------------

eapol_version=1

#-------------------------------------------------------------------------------

# AP scanning/selection

# 1: wpa_supplicant initiates scanning and AP selection

# 0: driver takes care of scanning, AP selection, WPA IE...

# 2: like 0, but associate with APs using security policy and SSID

#-------------------------------------------------------------------------------

ap_scan=2

#-------------------------------------------------------------------------------

# EAP fast re-authentication (1/0)

#-------------------------------------------------------------------------------

fast_reauth=1

#-------------------------------------------------------------------------------

# network blocks

#-------------------------------------------------------------------------------
```

/etc/wpa_supplicant.conf.lab

```
#-------------------------------------------------------------------------------

# lab network block

#-------------------------------------------------------------------------------

network={

        ssid="LABSSID"

        scan_ssid=0

        key_mgmt=NONE

        wep_key0="LABKEY"

        priority=0

}

```

/etc/wpa_supplicant.conf.home

```
#-------------------------------------------------------------------------------

# home network block

#-------------------------------------------------------------------------------

network={

        ssid="HOMESSID"

        scan_ssid=0

        pairwise=CCMP TKIP

        group=CCMP TKIP

        proto=WPA

        key_mgmt=WPA-PSK

        psk="HOMEWPAKEY"

        priority=5

}
```

---

What does this do? Before bringing up wlan0 the preup function calls "iwlist scan" and greps all SSID-related output. Afterwards a for-loop checks every found ESSID:""-entry. If the lab's SSID is found, a flag is set.

Finally wpa_supplicant.conf is created by concatenating a base file and a file holding the appropriate network block.

Additionally the functions postup and postdown are used to switch on the WLAN led on my ASUS L3500D laptop (eyecandy, I know).

Besides the SSID the APs MAC address could be used for identification and generation of wpa_supplicant.conf (as posted above, my home access point does not broadcast its SSID).

----------

## der bastler

I could not stop scripting...

How to activate the mail LED on an ASUS notebook using sylpheed-claws and bash

Files needed:

/home/frank/audio/mailcall.wav

 *Quote:*   

> A sound bit with a "Mailcall!" announcement. 
> 
> Various wavs can be found on the net, e.g. at http://www.clayloomis.com/mailcall.html

 

/home/frank/audio/mailcall.sh

```
#!/bin/bash

aplay /home/frank/audio/mailcall.wav

quitflag="false"

while [ "$quitflag" == "false" ]; do

        anzahl=( $(sylpheed-claws --status) )

        if [ ${anzahl[0]} == "0" ] && [ ${anzahl[1]} == "0" ]; then

                quitflag="true"

        fi

        echo 1 > /proc/acpi/asus/mled

        sleep 0.25

        echo 0 > /proc/acpi/asus/mled

        sleep 0.25

        echo 1 > /proc/acpi/asus/mled

        sleep 0.25

        echo 0 > /proc/acpi/asus/mled

        sleep 0.25

done
```

Make this script executable:

```
chmod +x mailcall.sh
```

In Sylpheed-Claws, go to the properties dialog and enter your mailcall.sh command in General->Receive->New-Messages-Command. 

In my case I placed

```
/home/frank/audio/mailcall.sh
```

in the edit line (full path needed).

Now every time you get new mail in sylpheed-claws this script will be called, producing an accustic signal. Your blue mail LED will blink until all messages are read.

--

What does this script do? First it plays given wav file to make an accustic announcement ("Mailcall!", "You've got new spam!" or whatever you like...). Then it checks for new or unread messages by calling "sylpheed-claws --status". If there are new or unread messages the quitflag remains unchanged, otherwise it gets set to "false".

Finally the mail LED of the notebook is activated by sending 0s and 1s to /proc/acpi/asus/mled.

Status check and LED blinking will continue until there are no new or unread messages left.

----------

