ancontrol(8)

NAME

ancontrol - configure Aironet 4500/4800 devices

SYNOPSIS

ancontrol -i iface -A
ancontrol -i iface -N
ancontrol -i iface -S
ancontrol -i iface -I
ancontrol -i iface -T
ancontrol -i iface -C
ancontrol -i iface -Q
ancontrol -i iface -Z
ancontrol -i iface -R
ancontrol -i iface -t 0-4
ancontrol -i iface -s 0-3
ancontrol -i iface [-v 1-4] -a AP
ancontrol -i iface -b beacon_period
ancontrol -i iface [-v 0 | 1] -d 0-3
ancontrol -i iface -e 0-4
ancontrol -i iface [-v 0-8] -k key
ancontrol -i iface -K 0-2
ancontrol -i iface -W 0-2
ancontrol -i iface -L user_name
ancontrol -i iface -j netjoin_timeout
ancontrol -i iface -l station_name
ancontrol -i iface -m mac_address
ancontrol -i iface [-v 1-3] -n SSID
ancontrol -i iface -o 0 | 1
ancontrol -i iface -p tx_power
ancontrol -i iface -c frequency
ancontrol -i iface -f fragmentation_threshold
ancontrol -i iface -r RTS_threshold
ancontrol -i iface -M 0-15
ancontrol -h

DESCRIPTION

The ancontrol utility controls the operation of Aironet

wireless networking devices via the an(4) driver. Most of the parameters

that can be
changed relate to the IEEE 802.11 protocol which the Aironet

cards implement. This includes such things as the station name,

whether the station
is operating in ad-hoc (point to point) or infrastructure

mode, and the
network name of a service set to join. The ancontrol utili

ty can also be
used to view the current NIC status, configuration and to

dump out the
values of the card's statistics counters.

The iface argument given to ancontrol should be the logical

interface
name associated with the Aironet device (an0, an1, etc.).

If one is not
specified the device ``an0'' will be assumed.

The ancontrol utility is not designed to support the combi

nation of arguments from different SYNOPSIS lines in a single ancontrol

invocation, and
such combinations are not recommended.

OPTIONS

The options are as follows:

-i iface -A

Display the preferred access point list. The AP

list can be used
by stations to specify the MAC address of access

points with
which it wishes to associate. If no AP list is

specified (the
default) then the station will associate with the

first access
point that it finds which serves the SSID(s) speci

fied in the
SSID list. The AP list can be modified with the -a

option.

-i iface -N

Display the SSID list. This is a list of service

set IDs (i.e.,
network names) with which the station wishes to as

sociate. There
may be up to three SSIDs in the list: the station

will go through
the list in ascending order and associate with the

first matching
SSID that it finds.

-i iface -S

Display NIC status information. This includes the

current operating status, current BSSID, SSID, channel, beacon

period and
currently associated access point. The operating

mode indicates
the state of the NIC, MAC status and receiver sta

tus. When the
"synced" keyword appears, it means the NIC has suc

cessfully associated with an access point, associated with an ad

hoc ``master''
station, or become a ``master'' itself. The beacon

period can be
anything between 20 and 976 milliseconds. The de

fault is 100.

-i iface -I

Display NIC capability information. This shows the

device type,
frequency, speed and power level capabilities and

firmware revision levels.

-i iface -T

Display the NIC's internal statistics counters.

-i iface -C

Display current NIC configuration. This shows the

current operation mode, receive mode, MAC address, power save

settings, various timing settings, channel selection, diversity,

transmit power
and transmit speed.

-i iface -Q

Display the cached signal strength information main

tained by the
an(4) driver. The driver retains information about

signal
strength and noise level for packets received from

different
hosts. The signal strength and noise level values

are displayed
in units of dBms by default. The

hw.an.an_cache_mode sysctl(8)
variable can be set to raw, dbm or per.

-i iface -Z

Clear the signal strength cache maintained internal

ly by the
an(4) driver.

-i iface -R

Display RSSI map that converts from the RSSI index

to percent and
dBm.

-i iface -t 0-4

Select transmit speed. The available settings are

as follows:

TX rate NIC speed
0 Auto -- NIC selects optimal

speed
1 1Mbps fixed
2 2Mbps fixed
3 5.5Mbps fixed
4 11Mbps fixed

Note that the 5.5 and 11Mbps settings are only sup

ported on the
4800 series adapters: the 4500 series adapters have

a maximum
speed of 2Mbps.

-i iface -s 0-3

Set power save mode. Valid selections are as fol

lows:

Selection Power save mode 0 None - power save disabled
1 Constantly awake mode (CAM)
2 Power Save Polling (PSP)
3 Fast Power Save Polling (PSP

CAM)

Note that for IBSS (ad-hoc) mode, only PSP mode is

supported, and
only if the ATIM window is non-zero.

-i iface [-v 1-4] -a AP

Set preferred access point. The AP is specified as

a MAC address
consisting of 6 hexadecimal values separated by

colons. By
default, the -a option only sets the first entry in

the AP list.
The -v modifier can be used to specify exactly which

AP list
entry is to be modified. If the -v flag is not

used, the first
AP list entry will be changed.

-i iface -b beacon_period

Set the ad-hoc mode beacon period. The

beacon_period is specified in milliseconds. The default is 100ms.

-i iface [-v 0 | 1] -d 0-3

Select the antenna diversity. Aironet devices can

be configured
with up to two antennas, and transmit and receive

diversity can
be configured accordingly. Valid selections are as

follows:

Selection Diversity 0 Select factory default diver

sity
1 Antenna 1 only
2 Antenna 2 only
3 Antenna 1 and 2

The receive and transmit diversity can be set inde

pendently. The
user must specify which diversity setting is to be

modified by
using the -v option: selection 0 sets the receive

diversity and 1
sets the transmit diversity.

-i iface -e 0-4

Set the transmit WEP key to use. Note that until

this command is
issued, the device will use the last key programmed.

The transmit key is stored in NVRAM. Currently set transmit

key can be
checked via -C option. Selection 4 sets the card in

``Home
Network Mode'' and uses the home key.

-i iface [-v 0-8] -k key

Set a WEP key. For 40 bit prefix 10 hex character

with 0x. For
128 bit prefix 26 hex character with 0x. Use "" as

the key to
erase the key. Supports 4 keys; even numbers are

for permanent
keys and odd number are for temporary keys. For ex

ample, -v 1
sets the first temporary key. (A ``permanent'' key

is stored in
NVRAM; a ``temporary'' key is not.) Note that the

device will
use the most recently-programmed key by default.

Currently set
keys can be checked via -C option, only the sizes of

the keys are
returned. The value of 8 is for the home key. Note

that the
value for the home key can be read back from

firmware.

-i iface -K 0-2

Set authorization type. Use 0 for none, 1 for

``Open'', 2 for
``Shared Key''.

-i iface -W 0-2

Enable WEP. Use 0 for no WEP, 1 to enable full WEP,

2 for mixed
cell.

-i iface -L user_name

Enable LEAP and query for password. It will check

to see if it
has authenticated for up to 60s. To disable LEAP,

set WEP mode.

-i iface -j netjoin_timeout

Set the ad-hoc network join timeout. When a station

is first
activated in ad-hoc mode, it will search out a

``master'' station
with the desired SSID and associate with it. If the

station is
unable to locate another station with the same SSID

after a suitable timeout, it sets itself up as the ``master'' so

that other
stations may associate with it. This timeout de

faults to 10000
milliseconds (10 seconds) but may be changed with

this option.
The timeout should be specified in milliseconds.

-i iface -l station_name

Set the station name used internally by the NIC.

The
station_name can be any text string up to 16 charac

ters in
length. The default name is set by the driver to

``FreeBSD''.

-i iface -m mac_address

Set the station address for the specified interface.

The
mac_address is specified as a series of six hexadec

imal values
separated by colons, e.g.: 00:60:1d:12:34:56. This

programs the
new address into the card and updates the interface

as well.

-i iface [-v 1-3] -n SSID

Set the desired SSID (network name). There are

three SSIDs which
allows the NIC to work with access points at several

locations
without needing to be reconfigured. The NIC checks

each SSID in
sequence when searching for a match. The SSID to be

changed can
be specified with the -v modifier option. If the -v

flag is not
used, the first SSID in the list is set.

-i iface -o 0 | 1

Set the operating mode of the Aironet interface.

Valid selections are 0 for ad-hoc mode and 1 for infrastructure

mode. The
default driver setting is for infrastructure mode.

-i iface -p tx_power

Set the transmit power level in milliwatts. Valid

power settings
vary depending on the actual NIC and can be viewed

by dumping the
device capabilities with the -I flag. Typical val

ues are 1, 5,
20, 50 and 100mW. Selecting 0 sets the factory de

fault.

-i iface -c frequency

Set the radio frequency of a given interface. The

frequency
should be specified as a channel ID as shown in the

table below.
The list of available frequencies is dependent on

radio regulations specified by regional authorities. Recognized

regulatory
authorities include the FCC (United States), ETSI

(Europe),
France and Japan. Frequencies in the table are

specified in MHz.

Channel ID FCC ETSI France

Japan
1 2412 2412

2 2417 2417

3 2422 2422

4 2427 2427

5 2432 2432

6 2437 2437

7 2442 2442

8 2447 2447

9 2452 2452

10 2457 2457 2457

11 2462 2462 2462

12 - 2467 2467

13 - 2472 2472

14 - -

2484

If an illegal channel is specified, the NIC will re

vert to its
default channel. For NICs sold in the United States

and Europe,
the default channel is 3. For NICs sold in France,

the default
channel is 11. For NICs sold in Japan, the only

available channel is 14. Note that two stations must be set to

the same channel in order to communicate.

-i iface -f fragmentation_threshold

Set the fragmentation threshold in bytes. This

threshold controls the point at which outgoing packets will be

split into multiple fragments. If a single fragment is not sent

successfully,
only that fragment will need to be retransmitted in

stead of the
whole packet. The fragmentation threshold can be

anything from
64 to 2312 bytes. The default is 2312.

-i iface -r RTS_threshold

Set the RTS/CTS threshold for a given interface.

This controls
the number of bytes used for the RTS/CTS handshake

boundary. The
RTS_threshold can be any value between 0 and 2312.

The default
is 2312.

-i iface -M 0-15

Set monitor mode via bit mask, meaning:

Bit Meaning
0 to not dump 802.11 packet.
1 to enable 802.11 monitor.
2 to monitor any SSID.
4 to not skip beacons, monitor beacons

produces a

high system load.

8 to enable full Aironet header returned

via BPF.

Note it appears that a SSID must be

set.

-h Print a list of available options and sample usage.

SECURITY NOTES

WEP (``wired equivalent privacy'') is based on the RC4 algo

rithm, using a
24 bit initialization vector.

RC4 is supposedly vulnerable to certain known plaintext at

tacks, especially with 40 bit keys. So the security of WEP in part de

pends on how
much known plaintext is transmitted.

Because of this, although counter-intuitive, using ``shared

key'' authentication (which involves sending known plaintext) is less

secure than
using ``open'' authentication when WEP is enabled.

Devices may alternate among all of the configured WEP keys

when transmitting packets. Therefore, all configured keys (up to four)

must agree.

EXAMPLES

ancontrol -i an0 -v 0 -k 0x12345678901234567890123456
ancontrol -i an0 -K 2
ancontrol -i an0 -W 1
ancontrol -i an0 -e 0

Sets a WEP key 0, enables ``Shared Key'' authentication, en

ables full WEP
and uses transmit key 0.

SEE ALSO

an(4), ifconfig(8)

HISTORY

The ancontrol utility first appeared in FreeBSD 4.0.

AUTHORS

The ancontrol utility was written by Bill Paul

<wpaul@ee.columbia.edu>.

BUGS

The statistics counters do not seem to show the amount of

transmit and
received frames as increasing. This is likely due to the

fact that the
an(4) driver uses unmodified packet mode instead of letting

the NIC perform 802.11/ethernet encapsulation itself.

Setting the channel does not seem to have any effect.

BSD September 10, 1999

BSD