cqure ap - The trinux based "one floppy" ap by Patrik Karlsson
--------------------------------------------------------------

This document will try to describe the configuration and options
of cqure ap. It is still very incomplete and maybe unclear.
Please feel free to add information to it or send me information
on what you want improved. patrik@cqure.net.

Most of the options are controlled from /tux/options on floppy1.
When an option is turned on, by placing a file with the option
name in the folder, it reads its configuration from /tux/config.
The configuration file should have the same name as the option.

Currently the following options are supported:

dhcpd    - activate the dhcpdaemon
firewall - activate the firewall script
bridge   - run in bridged mode. If not present run in gateway mode.

Under /tux/config/net there are 4 folders ifaces, bridges, routes
and samples. Ifaces contains configuration about the interfaces
present on the host. Typically wlan0 and eth0. The bridges folder
holds information on how bridgeing is supposed to be set up on the
ap. This config only has effect if the bridge option is activated
on the ap. The routes folder holds all routing information, such
as default gateway for example.

Running in bridged mode
-----------------------
1. Create a file named bridge in /tux/options
2. Create a file named br0 in /tux/config/net/bridges containing:

BRIF1="eth0"		- this is the first interface to be bridged.
			  In most cases eth0 will do fine. Check what
			  the name of your interface is.
BRIF2="wlan0"		- this is the second interface to be bridged.
			  Most probably wlan0.
BRIP="123.123.123.123" 	- This is the IP of the bridge createt.

You are set to go ...

Running in gateway mode
-----------------------
1. The ap will automatically run in gateway mode if the bridge file
   is missing in /tux/options. See "running in bridged mode"

2. If you want to have masquerading then create a file called
   firewall in the /tux/options folder. The firewall rules are in
   /tux/config/firewall.

Modifying the firewall rules
----------------------------
The firewall rules are stored in the file /tux/config/firewall
It is a iptables based firewall and the documentation is available
from http://www.iptables.org
There are plenty of example iptables scripts available on the
internet that could point you in the right direction if you are
new to this. Please supply your firewall scripts, so that I can
include them as samples to patrik@cqure.net

Adding support for dhcp server
------------------------------
1. "bind" the interface to the dhcp daemon by adding DHCPD="eth0 wlan0"
   to the /tux/config/bindings file. This will enable the dhcpdaemon
   on interface eth0 and wlan0. If you only want to have dhcp active
   on eth0 use DHCPD="eth0".

2. Set the dhcpd option to true by creating a file named dhcpd
   in /tux/options/dhcpd

3. Configure the dhcp daemon by modifying the /tux/config/dhcpd
   file to reflect your setup.

Configuring network interfaces
------------------------------
Depending on if the interface you are configuring is a wireless
interface or not there are a few differences. Here is a sample
configuration for a wireless interface:

ESSID="foobarnet" 	-- the network name
ENCKEY="12345"    	-- the encryption key (wep)
RATE="11M"	  	-- the speed of the network
CHANNEL="3"       	-- channel of network
IP="192.168.123.111"	-- the ip of the interface, set this to
			   IP="dhcp" to use dhcp for this interface.
NETMASK="255.255.255.0" -- the netmask of the network
MODE=""			-- the wireless mode of the interface

For a nonwireless interface you would basically just need IP and
subnetmask.

Configuring routing information
-------------------------------
The routing configuration is stored under /tux/config/net/routes.
Simple add a new file containing appropriate information about
the route you are adding. You may or may not need to configure
this depending on if you are running dhcp or not. Here is a sample
routing entry:

TARGET="-net"		  -- we are adding a route to a whole net
			     use -host here if you are adding an
			     entry for a single host.
NETWORK="default"	  -- the network we are routing to. This is
			     usually an IP e.g 123.123.123.123. Here
			     we are adding the default gateway.
GATEWAY="192.168.123.1"   -- which gateway should we use to reach
			     this network.
METRIC="1"		  -- distance
DEVICE="wlan0"		  -- which interface should we add the route
			     to




----------------------------------------------------------------------
						patrik@cqure.net