Bsd routers
0 likes273 views
The document discusses setting up a FreeBSD router to act as a captive portal, wireless router, and firewall. It provides recommended hardware, installation instructions, and steps to configure the wireless card and set up the captive portal. The router allows administering a UNIX system with practical applications while continuing to learn.
Bsd routers
- 1. FreeBSD Wireless Captive Portal Written by: Justin Wilde Every IS and CS major should have their own server that they maintain and administrate. The problem comes in choosing a platform that will have both a practical application and yet still allow the administrator to continue learning. A UNIX based router is one such solution. It is a piece of hardware you can interact and learn with daily. A variety of useful tools will be at your finger tips from web caching to firewall rule creation. Here are a few other advantages of building your own BSD router: Upgradeable and repairable More robust and adaptable Hands on experience with a Unix based system Added Security What the future holds for a Unix/Linux based system is in large part only limited by the user’s skill and imagination. In this tutorial we will be using pfSense, a distribution based on FreeBSD 6.2. The server will act primarily as a captive portal, wireless router, and firewall. For those not familiar with the terminology, a captive portal reroutes all internet access requests to an authentication page. Once the user has authenticated, they can browse the web freely until their session ends, or they logout. This is just one of several different roles the system will be capable of taking. Many of the components have been removed to allow use with embedded devices, and to increase the overall performance. Despite this, the FreeBSD package system (pkg_add) is still available which keeps your possibilities open. Recommended Hardware Items to have on hand: Pentium 3 or equivalent AMD Processor 256 MB RAM 10 GB Hard Drive 1 Intel or 3com Network Card 1 Atheros based wireless NIC (Check compatibility at http://madwifi.org/wiki/Compatibility) 1 CD-ROM 1 PFSense Live CD (Download at: http://pfsense.untouchable.net/downloads/pfSense-1.2-BETA-1-LiveCD- Installer.iso.gz or visit www.pfsense.com) You can check any piece of hardware you aren’t sure about using this resource: http://www.freebsd.org/releases/6.1R/hardware-i386.html Instructions
- 2. Installation 1. Start by entering you computer Bios and set your CD-Rom as the first boot device. Most bios will indicate which key to press to enter setup. 2. Allow approximately 1 minute for the system to load to the interface assignment screen. 3. When prompted if you want setup VLANs press the letter n and then enter on the keyboard. 4. Choose your LAN interface by putting in its three letter abbreviation and pressing enter. The abbreviations are shown above with their corresponding MAC addresses. Note that if you are building a wireless router, you should select the Ethernet interface here. 5. Type the abbreviated name for the interface you want to be the WAN and press enter. 6. Mark y and press enter to proceed afterwards. 7. Wait for the menu to load, and type 99 and press enter to start the install. 8. Press enter on Accept the video settings and then again on Install pfSsense 9. Select the hard drive you want to install pfSense on. 10. Press enter on Format this Disk, Use this geometry, Format (Disk name) 11. Press enter again on the Partition the Disk, Accept and create, Yes partition, and OK. 12. Now select accept and install the bootblocks, select OK, select the primary partition (usually the top partition), select OK, and select OK again. 13. Select Accept and create using the default swap setting unless you have a reason to make them larger. 14. The install process should start at this point. If for some reason it fails jump down to install troubleshooting. 15. After it finishes, select reboot, and make sure to take the CD out of the system. Troubleshooting 1. Enter the bios and change your hard drive access mode to LBA. 2. When you are presented with different boot options, select the boot option with ACPI disabled. Also see the pfSense wiki: http://wiki.pfsense.com/wikka.php?wakka=BootTroubleShooting Configuring the router 1. Wait for the router to full reboot, you should get the same menu, if you had to boot with ACPI disabled. You can turn it off permanently by selecting option number 8 from the menu and executing the following command: echo "hint.acpi.0.disabled=1" >> /boot/loader.conf 2. Connect your computer to the LAN interface of the router, note that most computers will require a crossover cable to do so. You may also use standard network cables with a switch or a hub to connect to the system. You should receive an address on the 192.168.1.0/24 network. 3. Open your web browser and point it to http://192.168.1.1. The default username and password is admin/pfsense. 4. Using the mouse, select system, setup wizard. The system will then guide you through a basic setup process. Configuring the Wireless Card:
- 3. 1. As the web interface is somewhat limited, get into the pfSense terminal and execute the following commands: cd /usr/local/etc/rc.d vi wireless.sh put in the following lines: sysctl dev.ath.0.txantenna=1 sysctl dev.ath.0.txantenna=1 sysctl dev.ath.0.diversity=0 Save the file, and use chmod to make it readable and executable. This file will be executed each time the system starts. It will indicate that you only have one antenna and you want to transmit and receive on both. You may also add this to the main config.xml file, but that is beyond the scope of this document. For more information on wireless settings visit: http://doc.pfsense.org/index.php/Wireless_networking_with_pfSense 2. Using the web interface again, go to WAN, Interfaces. Enter the desired setting as instructed. 3. Go to Interface, (assign), and swap cards making the LAN > WAN and vice versa. 4. Connect to the access point with the SSID that you indicated on the setup page. 5. To check your wireless performance, use the Status > Interfaces > LAN page. Each card will vary in the required configuration, work with the configuration until you aren’t receiving In/Out errors. Setting up the captive portal 1. In the administration interface, go to services, then captive portal and check enable. 2. Create a login page using the form variables provided in the upload instructions within the web interface. This is found further down the captive portal page. 3. Upload your page to the captive portal, and enable the local user manager. 4. Add the users through the “users” tab. 5. Make sure your computer’s DNS is set to the firewall IP address. 6. Open a web browser; and you should be redirected to the page you created. 7. Try and login using the username and password you made on the portal page. 8. If all went well you will be passed through to the redirect page you specified or your browsers homepage. Download the latest updates for the system at the following address: http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/updates/ For an opportunity to help in the development of this project, the web forum is a great place to start. It presents the opportunity to apply some of what you have learned, extend that knowledge, and allow others to benefit from it. Visit www.pfsense.com and take a shot at giving something back to the open source community.