Picking Specific AP in Site Survey (Client Mode)

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
hkphooey
DD-WRT Novice


Joined: 17 Sep 2007
Posts: 5

PostPosted: Mon Sep 17, 2007 2:15    Post subject: Picking Specific AP in Site Survey (Client Mode) Reply with quote
Hi all

First of all I've got to say I've been using DD-WRT for a couple of years already and love it. The fact that this is my first post in the forum is a testament to how well it works.

However I've just come across a problem which I can't figure out a workaround for, so hopefully someone can think of a cunning solution.

I've got my DDWRT box in Client Mode. It was happily connecting to my friend's box a few blocks away, with the SSID of <sigh> linksys. All was working well until another neighbour came on the scene with a box also called linksys. Now my Client Mode DDWRT box associates itself with the neighbour's AP instead of my friend's.

The two APs are running on different channels. They have different MAC addresses. I figure there must be a way to use this info to get my Client to associate with the correct AP. For reasons too long and boring to go into here, simply changing the name of the AP is not an option.

I've looked at the code of the Site Survey page. It seems this only passes the name of the AP to the DDWRT box to allow it to find the correct AP. I've also SSHed into the DDWRT box and found the 'wl' command, which I'm guessing the Site Survey page talks to. I can't find any options in there to force the box to associate by channel or MAC address. Any other command line ninja I can try?

I've also experimented with Wireless MAC blocking via the web admin interface. While this stops the Client mode DDWRT box from associating with the wrong AP, it won't keep trying until it finds the other 'linksys'.

I've also looked at using iptables to block the wrong AP, but can't find the right combination of commands. According to the man page I should be able to use something like:
iptables -A INPUT --mac-source 11:22:11:22:11:22 -j DROP
but I can't get that to work.

Any clues, hints, lightbulbs of enlightenment would be most gratefully received.
Sponsor
GeeTek
DD-WRT Guru


Joined: 06 Jun 2006
Posts: 3763
Location: I'm the one on the plate.

PostPosted: Mon Sep 17, 2007 3:14    Post subject: Reply with quote
The other firmware available has the same problem, but in reverse, it associates by MAC and channel which is what you need, not SSID. I use one or the other firmware depending on the particular need. Sometimes you need one method, sometimes the other. The first firmware to make client modes associate by a combination of the 3 variables, MAC, SSID and Channel will really pull ahead in this department. If one of the 3 fields is blank, the radio treats it as a wild card. If all 3 are blank, it should associate with the strongest open AP.
_________________
http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
rift
DD-WRT Novice


Joined: 18 Sep 2007
Posts: 2

PostPosted: Tue Sep 18, 2007 2:32    Post subject: Reply with quote
What is this other f/w available you speak of? I have the same issue and it is driving me crazy. There are 5 people using "linksys" ssid in my complex and bridge mode always connects to the one with the strongest signal even though this isn't necessarily the best AP to connect to. Is there a f/w that will allow me to specify a mac/ssid combo to connect to instead of relying on just the ssid?
GeeTek
DD-WRT Guru


Joined: 06 Jun 2006
Posts: 3763
Location: I'm the one on the plate.

PostPosted: Tue Sep 18, 2007 3:10    Post subject: Reply with quote
I think I was trippin and got mixed up with WDS configurations. The client modes in the other firmware I was thinking about work the same as they do in DD-WRT. Sorry to jerk you in the wrong direction ! Crying or Very sad
_________________
http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
hkphooey
DD-WRT Novice


Joined: 17 Sep 2007
Posts: 5

PostPosted: Tue Sep 18, 2007 5:29    Post subject: Reply with quote
I did some research with another firmware (begins with O, but obviously can't mention it here!). This does seem to let you set the channel as well as the SSID of the AP you're attaching to, by using the following commands from an SSH shell
Code:
ifdown wan
nvram set wl0_ssid=<SSID>
nvram set wl0_channel=<CHANNEL_NUMBER>
ifup wan; /sbin/wifi

However in practice, it didn't work: the site survey in the other distribution only produced a fraction of the APs available, and the one I wanted to connect wasn't among them.

Eventually I went back to DD-WRT and lucked out - the wrong access point had disappeared and I could connect to the right one.

This is actually quite important to get right. If you connect to the wrong AP its actually illegal and the fact that DDWRT (and the other distros) will just automatically connect to the strongest (or the most recently accessed ?) is quite dangerous. In this case I'm trying to connect to my friend's Access point which is fine, but if my DDWRT box disconnects and re-connects to the wrong AP, I could theoretically go to jail for it.
rift
DD-WRT Novice


Joined: 18 Sep 2007
Posts: 2

PostPosted: Tue Sep 18, 2007 5:32    Post subject: Reply with quote
I think this is a serious issue that the dd-wrt team needs to address. Any devs/admins want to comment on this?
GeeTek
DD-WRT Guru


Joined: 06 Jun 2006
Posts: 3763
Location: I'm the one on the plate.

PostPosted: Tue Sep 18, 2007 6:48    Post subject: Reply with quote
hkphooey wrote:
I did some research with another firmware (begins with O, but obviously can't mention it here!).

I know what you mean. For politeness sake, we need a code chart to represent different firmware for these discussions. Help me out if you can, but here is a start ;

T = Tomato
O = OpenWrt
H = Hyperwrt
S = Svea some fucking shit nobody ever loads
C = Coova
F = Frankenstein (correction requested), that Sweedish or Switzer one that we cannot understand (Europe is a long ways off).

Now, since I've had only beer - no food, drugs or pussy for at least 5 weeks, my memory may be a little weak, but if I remember correctly, "T" requires that you match SSID and channel, DD-WRT requires that you match only SSID for client modes, but will scan all channels for that SSID. I'll double check that here real soon if need be.

_________________
http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
GeeTek
DD-WRT Guru


Joined: 06 Jun 2006
Posts: 3763
Location: I'm the one on the plate.

PostPosted: Tue Sep 18, 2007 7:43    Post subject: Reply with quote
I remember another long post a few months ago about this same exact problem. If you can find it, maybe there was a good answer. I did not follow the thread since I was not too worried about it at the time.
_________________
http://69.175.13.131:8015 Streaming Week-End Disco. Station Ripper V 1.1 will do.
hkphooey
DD-WRT Novice


Joined: 17 Sep 2007
Posts: 5

PostPosted: Sat Sep 22, 2007 1:51    Post subject: Reply with quote
So taking my post about the 'other' distro as a starting point, would something like the following work on DD-WRT? eth1 is my wireless interface.

Code:
ifconfig eth1 down
nvram set wl_ssid="linksys"
nvram set wl0_ssid="linksys"
nvram set wl_channel=6
nvram set wl0_channel=6
ifconfig eth1 up

I've tried this and it seems to work. But then again it might just be that the correct router is now the most favoured (best signal etc) and it connects to that one anyway

I wasn't sure whether or not to use wl_ or wl0_ settings, as both of them seem to be set when I associate to a new AP. Maybe someone can clear up that mystery for me.

Also, another strange thing: when my DDWRT associates to my friend's AP as a client, it doesn't give out a DHCP client name. Not sure if this is a problem or not, as it can still be identified by MAC address.
JN
DD-WRT Guru


Joined: 29 Mar 2007
Posts: 771

PostPosted: Sat Sep 22, 2007 17:44    Post subject: Reply with quote
This is already possible in client mode using the Mac Filter under the wireless tab. You do it by putting the desired MAC address to which to connect into the MAC filter of the client router and make the list be an allow list. Mac sure you enable MAC filter too. It is *NOT* possible in repeater mode and should be.

hkphooey wrote:
This is actually quite important to get right. If you connect to the wrong AP its actually illegal and the fact that DDWRT (and the other distros) will just automatically connect to the strongest (or the most recently accessed ?) is quite dangerous. In this case I'm trying to connect to my friend's Access point which is fine, but if my DDWRT box disconnects and re-connects to the wrong AP, I could theoretically go to jail for it.
It would be rude, but I don't know about illegal, to connect to an open unhidden network if the person connecting is not tresspassing or using the network for illegal activity, and the connection is not metered and billed by data transfer quantity.

I would think the question of illegal use of a network would center around the issue of whether the person connecting is considered to have permission. I suspect, that, for an open network, as long as a person is not tresspassing or using the network for illegal purposes, that it may be possible to consider the fact that the network owner has the router set to hand out DHCP addressess automatically without password, that it may constitute permission to connect, by virtue of the fact the router owner has their router set that way. I suspect that such an argument never would get a chance to be tested in court, because 1) such piggybacking users are rarely caught, and 2) if a connector who was caught was doing nothing else wrong, they probably would take a small fine or community service over having a trial out of intimidation or deciding its not worth the fight.

So we may never be certain if it really is illegal until somebody decides to really argue the case out of principal (and spend more than they would be fined if they caved).

But in any case, it is at least rude, unless the network belongs to a business deliberately offering it, so DD-WRT should have the proper tools to control our connections precisely in both client and repeater modes. Unfortunately, this has never been fixed in repeater mode.
hkphooey
DD-WRT Novice


Joined: 17 Sep 2007
Posts: 5

PostPosted: Sun Sep 23, 2007 3:43    Post subject: Reply with quote
With respect to the legal aspects, there have been cases of prosecution in the UK. eg
http://icbirmingham.icnetwork.co.uk/printable_version.cfm?objectid=19672330&siteid=50002
and also in the US eg. http://money.cnn.com/2005/07/07/technology/personaltech/wireless_arrest/index.htm

Admittedly its unlikely that you'll get caught for it. The problem is that the laws pertaining to computer system access were made a long time ago and are both vague and inappropriate. They badly need an update. The US law is one about unauthorised system access, and the sentence can range from probation to 5 years.

The case could be argued either way depending on the agressiveness of your lawyers. My feeling is the same as yours: that if you're just browsing around and checking email, and not up to anything illegal (distributing wares, spam etc) then you'll probably be OK. And we also agree that the tools to target a specific AP are needed.
dicksons
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 980
Location: Coal Creek Canyon, Colorado

PostPosted: Sun Sep 23, 2007 3:51    Post subject: Reply with quote
hkphooey ( #1 superguy ? fasterthan the human eye ?)

-- in client mode, just mac-filter yourself to the proper AP if there are multiple APs on the same SSID.

I swear this is the best forum in the 'net to get a load of intricately complex answers to a myriad of questions that you didn't even ask !!

_________________
linksys GSv2, Gv4, Gv2, GLv1, G-TM, Buffalo wbr2, whr, whr-hp, whr-g125, wli-tx4-g54hp, Moto wr850gp, Alix.3C2
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum