MavEtJu's Distorted View of the World - Free Internet

FreeBSD laptop as a Wireless Access Point for an iPhone
Training in San Francisco (part 2)
Free Network Access at Magenta Shores

Back to index

FreeBSD laptop as a Wireless Access Point for an iPhone

Posted on 2011-01-12 18:00:00
Tags: FreeBSD, 3G, Networking, Free Internet, iPhone

Recently I was on a holiday where the provider of my iPhone had no signal, but where the provider of my 3G modem for the laptop did have a signal. At least my glass was half-full!

In the past I have tried to setup Bluetooth between my laptop and my iPhone, and that resulted in a night of hard work and no effort. This time I tried a different approach: Instead of using Bluetooth for communication, I transformed the FreeBSD laptop into a wireless access point.

The command to change the wireless card from a normal client to a wireless access point are:

[~] edwin@lappie>cat wlan-iphone
#!/bin/sh

ifconfig wlan0 destroy
ifconfig wlan0 create \
	wlandev ath0 \
	wlanmode hostap \
	bssid \
	authmode open \
	ssid "My iPhone WiFi"

ifconfig wlan0 up
ifconfig wlan0 inet 10.0.0.1 netmask 255.255.255.0
sleep 1

sysctl -a net.inet.ip.forwarding=1

service isc-dhcpd restart

Notes:

The 3G connection is setup via ppp(8) and to enable NAT on the outgoing packets, you need to enter the following command or add it to the right label in your ppp.conf:

ppp ON lappie> dial
Ppp ON lappie>
PPp ON lappie>
PPp ON lappie> Warning: 0.0.0.0/0: Change route failed: errno: No such process
PPP ON lappie> nat enable yes
PPP ON lappie> 

And to make sure that the connected clients get their IP address, you should run the ISC DHCP server with for example the following configuration:

option domain-name "";
option domain-name-servers 8.8.8.8;

default-lease-time 150;
max-lease-time 300;

ddns-update-style none;

authoritative;

log-facility local7;

subnet 10.0.0.0 netmask 255.255.255.0 {
        range 10.0.0.10 10.0.0.99;
        option routers 10.0.0.1;
}

Notes:

Everything is working now, your glass is full again! :-)


Show comment | Share on Facebook | Share on Twitter

Training in San Francisco (part 2)

Posted on 2008-11-02 07:00:00
Tags: Travelling, San Francisco, Free Internet, Cycling, Trains

The first part of my trip to San Francisco went easy and successfull: Customs in Australian didn't search my bag, the plane left on time (I watched (Video On Demand with Qantas is great) the movie "Where is Osama Bin Laden" by the same guy who did "Supersize Me" I think and the Australian movie "Cosi", both movies worth mentioning) and except for some nasty bumps over a couple of minutes it was all smooth, customs in the USA didn't ask too many questions (I guess I am just a statistic for them), my luggage was there on the caroussel when I was ready and the hotel was not too far away from the Montgomery station and the weather was nice (read on for more on that one...). With regarding to forgotten luggage: razor blades and socks: I only brought one pair of socks!

To go from the airport to the hotel I decided to go by train with BART, or Bay Area Rapid Transit for long. For U$ 5.35 (otherwise US$ 30.- for a taxi) you can't complain too much. The trains are clean and not too slow, but they make an awful noise when going around bends, so much that it started to hurt my ears. Note for people who need to keep receipts to bill back to work: Make sure you put 5 dollar-cents more on your ticket so you get it back when going through the final gates. I am not yet sure how to go from here to Sunnyvale, since the BART railroad doesn't go so far south.

The Courtyard Marriott hotel has free internet, but it requires a daily recharge, which comes by going to the frontpage and clicking on "1 Day Free Internet". The good news is that there is wireless network support too and that is used for the Riverbed provided laptop. If you are overseas and the people you try to call don't have Skype or internet access available, use the Skype dialout service! For three cents per minute I could talk to my wife and children yesterday (I know, this sounds like a bad ad)

The weather... It was wet, very wet. So I didn't do much walking outside yesterday due to ENOUMBRELLA. But I did walk through it to get some tea bags (the hotel does have free coffee but no free tea and the waterboiler, due to its use in the previous years, is now smelling like coffee even if there is no water in it) which ended up in an hour walk through the suburbs and I acually enjoyed having gotten my hair wet like this, it has been ages ago since that happened. Today (Sunday 07:00, DST stopped here today so I have one hour more today) it is dry so far but still a 40% chance of rain.

So what is on the menu for today? First I want to have breakfast because I'm hungry like a wolf, then I'm going to find a place which will rent me a bicycle so I can cycle over the Golden Gate bridge, buying some more socks and then I will meet up with some people of the FreeBSD project.


No comments | Share on Facebook | Share on Twitter

Free Network Access at Magenta Shores

Posted on 2008-04-27 22:00:09, modified on 2008-04-27 22:00:00
Tags: Networking, Free Internet

I had the luxury of a short break at the Magenta Shores near Tuggerah Lake and being for four days away without internet access is a real challenge. But nothing to worry about, the hotel has internet access for an outrageous price. So, how does their network work?

IP address allocation is easy: Use DHCP and you get an IP address out of the 10.0.0.0/21 range. Your default gateway is a FreeBSD box which blocks all traffic except ICMP and DNS and listens on port 3128 (with a Squid proxy), port 80 (Apache + mod_php), port 53 (DNS), port 22 (SSH), port 25 (SMTP) and port 21 (a non-anonymous FTP server).

The first /24 of the /21 has a couple of other IP addresses in it which respond to pings, but it all were switches. With passwords.

So, what fun can we have?

First, the SMTP server is forwarding all messages to the internet: You can send email but you can't receive it.

The proxy server is properly locked, I couldn't find a way around it. All traffic towards it was redirected to the webserver on the default gateway asking for your password. In the root of the webserver was a menu for hotel management and system management, but it was all password protected.

The DNS service on the default gateway is working too, and... port 53/UDP is unblocked! I bought half an hour of internet time from them, used the SSH over the HTTP/CONNECT trick and seven minutes later I had an OpenVPN link up and running through that hole. I had been thinking about using the DNS tunneling application, but I would never manage to get that up and running in the half hour I paid for.

Just running tcpdump itself shows that there is a lot of multicast traffic being broadcasted by the default gateway. Unfortunately mplayer couldn't make sense of it. The traffic was most likely for the boxes connected to the TV (and the network of course): Resetting one gave a DHCP request and an IGMP join packet. The boxes itself were without brand, name, type or anything else useful to identify them: I didn't open them because they were attached with tie-straps which I couldn't replace.

And the last thing I did was running traceroute in firewall evasion mode. After the default gateway came an 192.168.1.1 address and then an iiNet broadband connection. Funny that they didn't manage to change the 192.168. address to an 10. address.


Show 2 comments | Share on Facebook | Share on Twitter