├── Install.txt ├── LICENSE ├── README.md ├── conf ├── hostapd.conf └── ser2net.conf ├── default ├── isc-dhcp-server └── ufw ├── dhcp └── dhcpd.conf ├── images ├── Cisco-USB-console-cable.jpg ├── Console-cables-plugged-into-appliances.png ├── Wi-Fi-Console-with-multiple-adapters.jpg └── wlanpi_console.jpg ├── network └── interfaces ├── release_notes.txt ├── sysctl └── sysctl.conf ├── tests ├── wconsole_tests_01.sh └── wconsole_tests_02.sh ├── ufw └── before.rules ├── version.txt └── wconsole_switcher /Install.txt: -------------------------------------------------------------------------------- 1 | 2 | INSTALL.txt 3 | ========== 4 | 5 | To provide a wireless remote serial port, you will need: 6 | 7 | - a supported wireless adapter plugged in to one port of the WLANPi (e.g. CF-912ac) 8 | - a compatible USB to serial cable in the other USB port (e.g. Prolific Technology, Inc. PL2303 9 | Serial Port) 10 | - a WLANPi with 2 USB sockets (only avaiable on more recent models) 11 | 12 | Before attempting to use WCONSOLE, you must install the ser2net packge on your WLANPi. To install 13 | the package, perform the following steps: 14 | 15 | 1. Connect your WLANPI via the Ethernet port to a network with Internet access 16 | 2. SSH to the WLANPi and login 17 | 3. execute the following commands: 18 | apt-get update 19 | apt-get install ser2net 20 | 21 | Once ser2net is installed, copy the supplied wconsole gzipped archive to the WLANPi to the /etc 22 | directory of the WLANPI (see "bundle" github folder). Extract the files from the archive using 23 | the command: 24 | 25 | tar xvfz wconsole-v0.04.tar.gz 26 | 27 | Installation is now complete. If you are using the native WLANPi front panel menu system to flip modes (which is available from image ver v1.7 & highly recommended!) and activate the Wi-Fi console, you do not need to do anything else. 28 | 29 | To flip in to the Wi-FI console mode via the CLI, change to the newly created directory /etc/wconsole: 30 | 31 | cd /etc/wconsole 32 | 33 | Flip the WLANPi in to wconsole mode: 34 | 35 | sudo ./wconsole_switcher on 36 | 37 | At this point, the WLANPi will reboot. Following the reboot, an SSID of wifi_console will be available 38 | on channel 1. Join the SSID and use the PSK: wifipros. 39 | 40 | Once you have joined the SSID, open a telnet session to 192.168.42.1:9600. This will provide access 41 | to the serial console cable plugged in to the USB port. 42 | 43 | To switch out of wconsole mode, connect the WLANPi to a network via the Ethernet port, SSH to it 44 | and run the command: sudo /etc/wconsole/wconsole_switcher off 45 | 46 | 47 | 48 | 49 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Jiri Brejcha, Nigel Bowden 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Wi-Fi Console 2 | *Turn your WLAN Pi in to a wireless serial console cable* 3 | 4 | It can be annoying to have to sit in an equipment room to use the serial console port on an item of networking equipment. This project allows you to use a WLAN Pi to connect to your serial console cable via a Wi-Fi link while sat in the comfort of a nearby office, rather than sat with your laptop on the equipment room floor :) 5 | 6 | ![WLAN Pi wconsole demo](https://github.com/WLAN-Pi/wconsole/blob/master/images/wlanpi_console.jpg) 7 | 8 | ## Requirements 9 | 10 | To provide a wireless console serial port using your WLAN Pi, you will need: 11 | 12 | - a supported wireless adapter plugged in to one USB port of the WLAN Pi (e.g. CF-912AC, CF-915AC) 13 | - A recent generation WLAN Pi that has 2 USB sockets 14 | - A (compatible) USB to serial cable connected to one the other WLAN Pi USB port (e.g. Prolific Technology, Inc. PL2303 Serial Port) 15 | - WLAN Pi distribution v1.6.1 or later installed on the WLAN Pi (https://github.com/WLAN-Pi/wlanpi/releases) 16 | 17 | ## Enabling Wi-Fi Console Mode 18 | 19 | To flip the WLAN Pi in to "Wi-Fi Console" mode, using the front panel menu system select the following options 20 | 21 | ``` 22 | Menu > Modes > Wi-Fi Console > Confirm 23 | ``` 24 | 25 | At this point, the WLAN Pi will reboot so that the new networking configuration will take effect. Following the reboot, the "Wi-Fi Console" mode is reported on the WLAN Pi display. 26 | 27 | ## Disabling Wi-Fi Console Mode 28 | 29 | To flip the WLAN Pi back to classic mode use the front panel menu system select the following options 30 | 31 | ``` 32 | Menu > Actions > Classic Mode > Confirm 33 | ``` 34 | 35 | The WLAN Pi will reboot and start up in the default, classic mode. 36 | 37 | # Using Wi-Fi Console 38 | 39 | Following the WLAN Pi reboot, by default, an SSID of "wifi_console" will be available on channel 1. You can join the SSID with a wireless client (e.g. your laptop) using the default shared key: wifipros 40 | 41 | Once you have joined the SSID, open a telnet session to the WLAN Pi at 192.168.42.1 using network port 9600. This will provide access to the serial console cable plugged in to the USB port, operating with a serial port configuration of 9600,8,N,1. 42 | 43 | In addition to the serial port configuration on TCP 9600 the following ports are also configured in the "ser2net" configuration file: 44 | 45 | - TCP port 2400 : serial port config: 2400,8,N,1 46 | - TCP port 4800 : serial port config: 4800,8,N,1 47 | - TCP port 9600 : serial port config: 9600,8,N,1 48 | - TCP port 19200 : serial port config: 19200,8,N,1 49 | - TCP port 11520 (note the missing zero please) : serial port config: 115200,8,N,1 50 | 51 | (If you wish to experiment yourself with the network port allocations, see the /etc/wconsole/conf/ser2net.conf file) 52 | 53 | 54 | ## Multiple serial to USB adapters 55 | 56 | You can now (from WLAN Pi image version v1.9.1) use WLAN Pi with up to 8 USB to serial cables, via a USB hub. All 5 baud rates are still available for each cable and the last digit of the TCP port matches the serial cable number (from 1 to 8): 57 | 58 | - First adapter uses ports 2401, 4801, 9601, 19201, 11521 (and also ports 2400, 4800, 9600, 19200, 11520 for backwards compatibility) 59 | - Second adapter uses ports 2402, 4802, 9602, 19202 60 | - ... 61 | - Eight adapter uses ports 2408, 4808, 9608, 19208 62 | 63 | Example: To connect to the third adapter at baud rate 9600, telnet to WLAN Pi's IP address on TCP port 9603. 64 | 65 | ![WLAN Pi with multiple adapters](/images/Wi-Fi-Console-with-multiple-adapters.jpg) 66 | 67 | (Note: the octopus cable shown above is a standard USB hub) 68 | 69 | ![WLAN Pi connected to multiple appliances](/images/Console-cables-plugged-into-appliances.png) 70 | 71 | ## Cisco USB console cables 72 | 73 | If you are a Cisco shop you may already have a box of unused Cisco USB console cables. Let’s put those to use. You can plug up to 8 using a USB hub to your WLAN Pi and access up to 8 terminal lines wirelessly – no drivers needed! 74 | 75 | ![WLAN Pi Cisco USB console cables](/images/Cisco-USB-console-cable.jpg) 76 | 77 | To access the Cisco USB console sessions, simply telnet to the WLAN Pi IP address and use one of these ports. The last digit matches the USB console cable number (from 1 to 8): 78 | 79 | - First USB cable uses port 2001 80 | - Second USB cable uses port 2002 81 | - ... 82 | - Eight USB cable uses port 2008 83 | 84 | Example: To connect to the second USB console cable, telnet to WLAN Pi's IP address on TCP port 2002. 85 | 86 | ## Configurations Options 87 | 88 | It is very likely that you will not want to use this utility with the default shared key, channel and SSID. 89 | 90 | To change from the default settings, ensure that the WLAN Pi is operating in standard "classic"mode. Then, edit the file: /etc/wconsole/conf/hostapd.conf. This can be done by opening an SSH session to the WLAN Pi and using the 'nano' editor: 91 | 92 | ``` 93 | sudo nano /etc/wconsole/conf/hostapd.conf 94 | ``` 95 | 96 | Change the following fields to your desired values: 97 | 98 | ``` 99 | ssid=wifi_console 100 | channel=1 101 | wpa_passphrase=wifipros 102 | ``` 103 | 104 | Once you have made your changes, hit Ctrl-X to exit and hit "Y" to save the changes when prompted. 105 | 106 | Next, flip the WLAN Pi back in to "Wi-Fi Console" mode as described in previous sections. After the accompanying reboot, the WLAN Pi should operate using the newly configured parameters. 107 | 108 | (Note: if you make these changes while in "Wi-Fi Console" mode, they will not take effect. You must start in "classic" mode, make the updates, then switch to "Wi-Fi Console" mode) 109 | 110 | 111 | # Legacy Options (Not Recommended For General Use) 112 | 113 | (It is possible to flip in to Wi-Fi console mode using the Linux CLI, but it is strongly recommended to use the native WLAN Pi front panel navigation menu) 114 | 115 | As there are quite a few networking changes we need to make for Wi-Fi Console to operate correctly, we need to flip the WLAN Pi in to a completely new mode of operation that uses a different network configuration. The 'wconsole_switcher' script is used to switch between the usual "classic" mode of operation and the "Wi-Fi Console" mode of operation. 116 | 117 | When moving to the "Wi-Fi Console" mode, various configuration files are changed on the WLAN Pi, with the original networking files being preserved to allow restoration to the original ("classic" mode) configuration. 118 | 119 | When moving back to the original "classic" mode, all changed files are restored to their original state. 120 | 121 | When moving between modes, the WLAN Pi will reboot to ensure that all new network configuration starts cleanly. 122 | 123 | ## Enabling Wi-Fi Console Mode (Via CLI) 124 | 125 | To flip the WLAN Pi in to "Wi-Fi Console" mode, SSH to the WLAN Pi and execute the following command: 126 | 127 | ``` 128 | sudo /etc/wconsole/wconsole_switcher on 129 | ``` 130 | 131 | At this point, the WLAN Pi will reboot so that the new networking configuration will take effect. 132 | 133 | 134 | ## Exiting Wi-Fi Console Mode (via CLI) 135 | 136 | To switch out of "Wi-Fi Console" mode, SSH to the WLAN Pi using network address 192.168.42.1 (while connected to the Wi-Fi Console SSID, using standard port 22) and run the command: 137 | 138 | ``` 139 | sudo /etc/wconsole/wconsole_switcher off 140 | ``` 141 | 142 | When this command is executed, the original ("classic" mode) networking configuration files will be restored and the WLAN Pi will reboot. After the reboot, the WLAN Pi will operate as it did before the switch to "Wi-Fi Console" mode. 143 | 144 | -------------------------------------------------------------------------------- /conf/hostapd.conf: -------------------------------------------------------------------------------- 1 | # 2 | # To run from CLI for debugging, use: 3 | # 4 | # /usr/sbin/hostapd -d -P /run/hostapd.wlan0.pid /etc/hostapd.conf 5 | # 6 | 7 | # WLAN SSID 8 | ssid=wifi_console 9 | 10 | # WPA PSK 11 | wpa_passphrase=wifipros 12 | 13 | # Channel setting 14 | channel=1 15 | 16 | # Mode options: a=5GHz / g=2.4GHz 17 | hw_mode=g 18 | 19 | interface=wlan0 20 | 21 | driver=nl80211 22 | 23 | # Set country code and enforce country limits 24 | #country_code=GB 25 | #ieee80211d=1 26 | 27 | ieee80211n=1 28 | 29 | beacon_int=100 30 | dtim_period=2 31 | 32 | max_num_sta=10 33 | 34 | # rts/ets threshold disabled 35 | rts_threshold=-1 36 | 37 | # fragmentation threshold disabled 38 | fragm_threshold=-1 39 | 40 | # basic & supported rates (x10) 41 | supported_rates=10 20 55 110 60 90 120 180 240 360 480 540 42 | basic_rates=60 120 240 43 | 44 | # disable mac filtering 45 | #macaddr_acl=0 46 | 47 | # 802.11 auth (bit 0 = open auth, bit 1 = shared key) 48 | auth_algs=1 49 | 50 | # broadcast SSID 51 | ignore_broadcast_ssid=0 52 | 53 | # enabled WMM to allow 11n etc supported 54 | wmm_enabled=1 55 | 56 | # enable WPA2 57 | wpa=2 58 | wpa_key_mgmt=WPA-PSK 59 | rsn_pairwise=CCMP 60 | -------------------------------------------------------------------------------- /conf/ser2net.conf: -------------------------------------------------------------------------------- 1 | # 2 | # This is the configuration file for ser2net. It has the following format: 3 | # :::: 4 | # TCP port 5 | # Name or number of the TCP/IP port to accept con- 6 | # nections from for this device. A port number may 7 | # be of the form [host,]port, such as 127.0.0.1,2000 8 | # or localhost,2000. If this is specified, it will 9 | # only bind to the IP address specified. Otherwise 10 | # it will bind to all the ports on the machine. 11 | # 12 | # state Either raw or rawlp or telnet or off. off disables 13 | # the port from accepting connections. It can be 14 | # turned on later from the control port. raw enables 15 | # the port and transfers all data as-is between the 16 | # port and the long. rawlp enables the port and 17 | # transfers all input data to device, device is open 18 | # without any termios setting. It allow to use 19 | # /dev/lpX devices and printers connected to them. 20 | # telnet enables the port and runs the telnet proto- 21 | # col on the port to set up telnet parameters. This 22 | # is most useful for using telnet. 23 | # 24 | # timeout 25 | # The time (in seconds) before the port will be dis- 26 | # connected if there is no activity on it. A zero 27 | # value disables this funciton. 28 | # 29 | # device The name of the device to connect to. This 30 | # must be in the form of /dev/. 31 | # 32 | # options 33 | # Sets operational parameters for the serial port. 34 | # Options 300, 1200, 2400, 4800, 9600, 19200, 38400, 35 | # 57600, 115200 set the various baud rates. EVEN, 36 | # ODD, NONE set the parity. 1STOPBIT, 2STOPBITS set 37 | # the number of stop bits. 7DATABITS, 8DATABITS set 38 | # the number of data bits. [-]XONXOFF turns on (- 39 | # off) XON/XOFF support. [-]RTSCTS turns on (- off) 40 | # hardware flow control, [-]LOCAL turns off (- on) 41 | # monitoring of the modem lines, and 42 | # [-]HANGUP_WHEN_DONE turns on (- off) lowering the 43 | # modem control lines when the connextion is done. 44 | # NOBREAK disables automatic setting of the break 45 | # setting of the serial port. 46 | # The "remctl" option allow remote control (ala RFC 47 | # 2217) of serial-port configuration. A banner name 48 | # may also be specified, that banner will be printed 49 | # for the line. If no banner is given, then no 50 | # banner is printed. 51 | # 52 | # or... 53 | 54 | # BANNER::banner 55 | # This will create a banner, if the banner name is given in the 56 | # options of a line, that banner will be printed. This takes the 57 | # standard "C" \x characters (\r is carraige return, \n is newline, 58 | # etc.). It also accepts \d, which prints the device name, \p, 59 | # which prints the TCP port number, and \s which prints the serial 60 | # parameters (eg 9600N81). Banners can span lines if the last 61 | # character on a line is '\'. Note that you *must* use \r\n to 62 | # start a new line. 63 | # 64 | # Note that the same device can be listed multiple times under different 65 | # ports, this allows the same serial port to have both telnet and raw 66 | # protocols. 67 | 68 | # The original config file shipped with the upstream sources can be 69 | # found in /usr/share/doc/ser2net/examples 70 | 71 | BANNER:banner:\r\nser2net port \p device \d [\s] (WLANPi rconsole)\r\n\r\n 72 | 73 | #Ports 11520-11528 are used for baud rate 115200 74 | 75 | #Originally used ports for backwards compatibility adapter #1 76 | 2400:telnet:3600:/dev/ttyUSB0:2400 8DATABITS NONE 1STOPBIT banner 77 | 4800:telnet:3600:/dev/ttyUSB0:4800 8DATABITS NONE 1STOPBIT banner 78 | 9600:telnet:3600:/dev/ttyUSB0:9600 8DATABITS NONE 1STOPBIT banner 79 | 19200:telnet:3600:/dev/ttyUSB0:19200 8DATABITS NONE 1STOPBIT banner 80 | 38400:telnet:3600:/dev/ttyUSB0:38400 8DATABITS NONE 1STOPBIT banner 81 | 11520:telnet:3600:/dev/ttyUSB0:115200 8DATABITS NONE 1STOPBIT banner 82 | 83 | #USB-to-serial adapter #1 84 | 2401:telnet:3600:/dev/ttyUSB0:2400 8DATABITS NONE 1STOPBIT banner 85 | 4801:telnet:3600:/dev/ttyUSB0:4800 8DATABITS NONE 1STOPBIT banner 86 | 9601:telnet:3600:/dev/ttyUSB0:9600 8DATABITS NONE 1STOPBIT banner 87 | 19201:telnet:3600:/dev/ttyUSB0:19200 8DATABITS NONE 1STOPBIT banner 88 | 38401:telnet:3600:/dev/ttyUSB0:38400 8DATABITS NONE 1STOPBIT banner 89 | 11521:telnet:3600:/dev/ttyUSB0:115200 8DATABITS NONE 1STOPBIT banner 90 | 91 | #USB-to-serial adapter #2 92 | 2402:telnet:3600:/dev/ttyUSB1:2400 8DATABITS NONE 1STOPBIT banner 93 | 4802:telnet:3600:/dev/ttyUSB1:4800 8DATABITS NONE 1STOPBIT banner 94 | 9602:telnet:3600:/dev/ttyUSB1:9600 8DATABITS NONE 1STOPBIT banner 95 | 19202:telnet:3600:/dev/ttyUSB1:19200 8DATABITS NONE 1STOPBIT banner 96 | 38402:telnet:3600:/dev/ttyUSB1:38400 8DATABITS NONE 1STOPBIT banner 97 | 11522:telnet:3600:/dev/ttyUSB1:115200 8DATABITS NONE 1STOPBIT banner 98 | 99 | #USB-to-serial adapter #3 100 | 2403:telnet:3600:/dev/ttyUSB2:2400 8DATABITS NONE 1STOPBIT banner 101 | 4803:telnet:3600:/dev/ttyUSB2:4800 8DATABITS NONE 1STOPBIT banner 102 | 9603:telnet:3600:/dev/ttyUSB2:9600 8DATABITS NONE 1STOPBIT banner 103 | 19203:telnet:3600:/dev/ttyUSB2:19200 8DATABITS NONE 1STOPBIT banner 104 | 38403:telnet:3600:/dev/ttyUSB2:38400 8DATABITS NONE 1STOPBIT banner 105 | 11523:telnet:3600:/dev/ttyUSB2:115200 8DATABITS NONE 1STOPBIT banner 106 | 107 | #USB-to-Serial Adapter #4 108 | 2404:telnet:3600:/dev/ttyUSB3:2400 8DATABITS NONE 1STOPBIT banner 109 | 4804:telnet:3600:/dev/ttyUSB3:4800 8DATABITS NONE 1STOPBIT banner 110 | 9604:telnet:3600:/dev/ttyUSB3:9600 8DATABITS NONE 1STOPBIT banner 111 | 19204:telnet:3600:/dev/ttyUSB3:19200 8DATABITS NONE 1STOPBIT banner 112 | 38404:telnet:3600:/dev/ttyUSB3:38400 8DATABITS NONE 1STOPBIT banner 113 | 11524:telnet:3600:/dev/ttyUSB3:115200 8DATABITS NONE 1STOPBIT banner 114 | 115 | #USB-to-Serial Adapter #5 116 | 2405:telnet:3600:/dev/ttyUSB4:2400 8DATABITS NONE 1STOPBIT banner 117 | 4805:telnet:3600:/dev/ttyUSB4:4800 8DATABITS NONE 1STOPBIT banner 118 | 9605:telnet:3600:/dev/ttyUSB4:9600 8DATABITS NONE 1STOPBIT banner 119 | 19205:telnet:3600:/dev/ttyUSB4:19200 8DATABITS NONE 1STOPBIT banner 120 | 38405:telnet:3600:/dev/ttyUSB4:38400 8DATABITS NONE 1STOPBIT banner 121 | 11525:telnet:3600:/dev/ttyUSB4:115200 8DATABITS NONE 1STOPBIT banner 122 | 123 | #USB-to-Serial Adapter #6 124 | 2406:telnet:3600:/dev/ttyUSB5:2400 8DATABITS NONE 1STOPBIT banner 125 | 4806:telnet:3600:/dev/ttyUSB5:4800 8DATABITS NONE 1STOPBIT banner 126 | 9606:telnet:3600:/dev/ttyUSB5:9600 8DATABITS NONE 1STOPBIT banner 127 | 19206:telnet:3600:/dev/ttyUSB5:19200 8DATABITS NONE 1STOPBIT banner 128 | 38406:telnet:3600:/dev/ttyUSB5:38400 8DATABITS NONE 1STOPBIT banner 129 | 11526:telnet:3600:/dev/ttyUSB5:115200 8DATABITS NONE 1STOPBIT banner 130 | 131 | #USB-to-Serial Adapter #7 132 | 2407:telnet:3600:/dev/ttyUSB6:2400 8DATABITS NONE 1STOPBIT banner 133 | 4807:telnet:3600:/dev/ttyUSB6:4800 8DATABITS NONE 1STOPBIT banner 134 | 9607:telnet:3600:/dev/ttyUSB6:9600 8DATABITS NONE 1STOPBIT banner 135 | 19207:telnet:3600:/dev/ttyUSB6:19200 8DATABITS NONE 1STOPBIT banner 136 | 38407:telnet:3600:/dev/ttyUSB6:38400 8DATABITS NONE 1STOPBIT banner 137 | 11527:telnet:3600:/dev/ttyUSB6:115200 8DATABITS NONE 1STOPBIT banner 138 | 139 | #USB-to-Serial Adapter #8 140 | 2408:telnet:3600:/dev/ttyUSB7:2400 8DATABITS NONE 1STOPBIT banner 141 | 4808:telnet:3600:/dev/ttyUSB7:4800 8DATABITS NONE 1STOPBIT banner 142 | 9608:telnet:3600:/dev/ttyUSB7:9600 8DATABITS NONE 1STOPBIT banner 143 | 19208:telnet:3600:/dev/ttyUSB7:19200 8DATABITS NONE 1STOPBIT banner 144 | 38408:telnet:3600:/dev/ttyUSB7:38400 8DATABITS NONE 1STOPBIT banner 145 | 11528:telnet:3600:/dev/ttyUSB7:115200 8DATABITS NONE 1STOPBIT banner 146 | 147 | # Cisco USB Console Cables #1-#8 148 | 2001:telnet:3600:/dev/ttyACM0:9600 8DATABITS NONE 1STOPBIT banner 149 | 2002:telnet:3600:/dev/ttyACM1:9600 8DATABITS NONE 1STOPBIT banner 150 | 2003:telnet:3600:/dev/ttyACM2:9600 8DATABITS NONE 1STOPBIT banner 151 | 2004:telnet:3600:/dev/ttyACM3:9600 8DATABITS NONE 1STOPBIT banner 152 | 2005:telnet:3600:/dev/ttyACM4:9600 8DATABITS NONE 1STOPBIT banner 153 | 2006:telnet:3600:/dev/ttyACM5:9600 8DATABITS NONE 1STOPBIT banner 154 | 2007:telnet:3600:/dev/ttyACM6:9600 8DATABITS NONE 1STOPBIT banner 155 | 2008:telnet:3600:/dev/ttyACM7:9600 8DATABITS NONE 1STOPBIT banner 156 | -------------------------------------------------------------------------------- /default/isc-dhcp-server: -------------------------------------------------------------------------------- 1 | # Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server) 2 | 3 | DHCPDv4_CONF=/etc/dhcp/dhcpd.conf 4 | DHCPDv4_PID=/var/run/dhcpd.pid 5 | INTERFACESv4="wlan0 usb0" 6 | 7 | -------------------------------------------------------------------------------- /default/ufw: -------------------------------------------------------------------------------- 1 | # /etc/default/ufw 2 | # 3 | 4 | # Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback 5 | # accepted). You will need to 'disable' and then 'enable' the firewall for 6 | # the changes to take affect. 7 | IPV6=no 8 | 9 | # Set the default input policy to ACCEPT, DROP, or REJECT. Please note that if 10 | # you change this you will most likely want to adjust your rules. 11 | DEFAULT_INPUT_POLICY="DROP" 12 | 13 | # Set the default output policy to ACCEPT, DROP, or REJECT. Please note that if 14 | # you change this you will most likely want to adjust your rules. 15 | DEFAULT_OUTPUT_POLICY="ACCEPT" 16 | 17 | # Set the default forward policy to ACCEPT, DROP or REJECT. Please note that 18 | # if you change this you will most likely want to adjust your rules 19 | DEFAULT_FORWARD_POLICY="ACCEPT" 20 | 21 | # Set the default application policy to ACCEPT, DROP, REJECT or SKIP. Please 22 | # note that setting this to ACCEPT may be a security risk. See 'man ufw' for 23 | # details 24 | DEFAULT_APPLICATION_POLICY="SKIP" 25 | 26 | # By default, ufw only touches its own chains. Set this to 'yes' to have ufw 27 | # manage the built-in chains too. Warning: setting this to 'yes' will break 28 | # non-ufw managed firewall rules 29 | MANAGE_BUILTINS=no 30 | 31 | # 32 | # IPT backend 33 | # 34 | # only enable if using iptables backend 35 | IPT_SYSCTL=/etc/ufw/sysctl.conf 36 | 37 | # Extra connection tracking modules to load. Complete list can be found in 38 | # net/netfilter/Kconfig of your kernel source. Some common modules: 39 | # nf_conntrack_irc, nf_nat_irc: DCC (Direct Client to Client) support 40 | # nf_conntrack_netbios_ns: NetBIOS (samba) client support 41 | # nf_conntrack_pptp, nf_nat_pptp: PPTP over stateful firewall/NAT 42 | # nf_conntrack_ftp, nf_nat_ftp: active FTP support 43 | # nf_conntrack_tftp, nf_nat_tftp: TFTP support (server side) 44 | IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns" 45 | 46 | -------------------------------------------------------------------------------- /dhcp/dhcpd.conf: -------------------------------------------------------------------------------- 1 | # WLAN Pi Wi-Fi Console Mode DHCP Server Config 2 | 3 | # wlan0 DHCP scope 4 | subnet 192.168.42.0 netmask 255.255.255.224 { 5 | interface wlan0; 6 | range 192.168.42.2 192.168.42.29; 7 | option routers 192.168.42.1; 8 | option domain-name-servers 208.67.222.222, 1.1.1.1; 9 | default-lease-time 86400; 10 | max-lease-time 86400; 11 | } 12 | 13 | # usb0 DHCP scope 14 | subnet 169.254.42.0 netmask 255.255.255.224 { 15 | interface usb0; 16 | range 169.254.42.2 169.254.42.30; 17 | option domain-name-servers wlanpi.local; 18 | option domain-name "wlanpi.local"; 19 | default-lease-time 86400; 20 | max-lease-time 86400; 21 | } 22 | 23 | -------------------------------------------------------------------------------- /images/Cisco-USB-console-cable.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/WLAN-Pi/wconsole/d34a36aba5fc203b90077c692ec0b795b286ef13/images/Cisco-USB-console-cable.jpg -------------------------------------------------------------------------------- /images/Console-cables-plugged-into-appliances.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/WLAN-Pi/wconsole/d34a36aba5fc203b90077c692ec0b795b286ef13/images/Console-cables-plugged-into-appliances.png -------------------------------------------------------------------------------- /images/Wi-Fi-Console-with-multiple-adapters.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/WLAN-Pi/wconsole/d34a36aba5fc203b90077c692ec0b795b286ef13/images/Wi-Fi-Console-with-multiple-adapters.jpg -------------------------------------------------------------------------------- /images/wlanpi_console.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/WLAN-Pi/wconsole/d34a36aba5fc203b90077c692ec0b795b286ef13/images/wlanpi_console.jpg -------------------------------------------------------------------------------- /network/interfaces: -------------------------------------------------------------------------------- 1 | source /etc/network/interfaces.d/* 2 | 3 | auto lo 4 | iface lo inet loopback 5 | 6 | # Wired Ethernet 7 | allow-hotplug eth0 8 | iface eth0 inet dhcp 9 | 10 | # Wireless adapter #1 11 | allow-hotplug wlan0 12 | iface wlan0 inet static 13 | address 192.168.42.1 14 | netmask 255.255.255.224 15 | dns-nameservers 8.8.8.8 208.67.222.222 16 | hostapd /etc/hostapd.conf 17 | 18 | # USB interface 19 | allow-hotplug usb0 20 | iface usb0 inet static 21 | address 169.254.42.1 22 | netmask 255.255.255.224 23 | -------------------------------------------------------------------------------- /release_notes.txt: -------------------------------------------------------------------------------- 1 | V0.08 2 | ----- 3 | 4 | Support added for: 5 | 6 | 1. Cisco USB console cables 7 | 2. Up to 8 USB to serial adapters or 8 Cisco USB console cables 8 | 9 | (Thanks to Jiri Brejcha for this superb update) 10 | 11 | -------------------------------------------------------------------------------- /sysctl/sysctl.conf: -------------------------------------------------------------------------------- 1 | # 2 | # /etc/sysctl.conf - Configuration file for setting system variables 3 | # See /etc/sysctl.d/ for additional system variables. 4 | # See sysctl.conf (5) for information. 5 | # 6 | 7 | #kernel.domainname = example.com 8 | 9 | # Uncomment the following to stop low-level messages on console 10 | kernel.printk = 3 4 1 3 11 | 12 | ##############################################################3 13 | # Functions previously found in netbase 14 | # 15 | 16 | # Uncomment the next two lines to enable Spoof protection (reverse-path filter) 17 | # Turn on Source Address Verification in all interfaces to 18 | # prevent some spoofing attacks 19 | #net.ipv4.conf.default.rp_filter=1 20 | #net.ipv4.conf.all.rp_filter=1 21 | 22 | # Uncomment the next line to enable TCP/IP SYN cookies 23 | # See http://lwn.net/Articles/277146/ 24 | # Note: This may impact IPv6 TCP sessions too 25 | #net.ipv4.tcp_syncookies=1 26 | 27 | # Uncomment the next line to enable packet forwarding for IPv4 28 | net.ipv4.ip_forward=1 29 | 30 | # Uncomment the next line to enable packet forwarding for IPv6 31 | # Enabling this option disables Stateless Address Autoconfiguration 32 | # based on Router Advertisements for this host 33 | #net.ipv6.conf.all.forwarding=1 34 | 35 | 36 | ################################################################### 37 | # Additional settings - these settings can improve the network 38 | # security of the host and prevent against some network attacks 39 | # including spoofing attacks and man in the middle attacks through 40 | # redirection. Some network environments, however, require that these 41 | # settings are disabled so review and enable them as needed. 42 | # 43 | # Do not accept ICMP redirects (prevent MITM attacks) 44 | #net.ipv4.conf.all.accept_redirects = 0 45 | #net.ipv6.conf.all.accept_redirects = 0 46 | # _or_ 47 | # Accept ICMP redirects only for gateways listed in our default 48 | # gateway list (enabled by default) 49 | # net.ipv4.conf.all.secure_redirects = 1 50 | # 51 | # Do not send ICMP redirects (we are not a router) 52 | #net.ipv4.conf.all.send_redirects = 0 53 | # 54 | # Do not accept IP source route packets (we are not a router) 55 | #net.ipv4.conf.all.accept_source_route = 0 56 | #net.ipv6.conf.all.accept_source_route = 0 57 | # 58 | # Log Martian Packets 59 | #net.ipv4.conf.all.log_martians = 1 60 | # 61 | 62 | ################################################################### 63 | # Magic system request Key 64 | # 0=disable, 1=enable all 65 | # Debian kernels have this set to 0 (disable the key) 66 | # See https://www.kernel.org/doc/Documentation/sysrq.txt 67 | # for what other values do 68 | #kernel.sysrq=1 69 | 70 | ################################################################### 71 | # Protected links 72 | # 73 | # Protects against creating or following links under certain conditions 74 | # Debian kernels have both set to 1 (restricted) 75 | # See https://www.kernel.org/doc/Documentation/sysctl/fs.txt 76 | #fs.protected_hardlinks=0 77 | #fs.protected_symlinks=0 78 | vm.swappiness=100 79 | 80 | net.core.wmem_max = 16777216 81 | net.ipv4.tcp_window_scaling = 1 82 | net.ipv4.tcp_rmem = 4096 87380 16777216 83 | net.ipv4.tcp_wmem = 2096 65535 16777216 84 | net.ipv4.tcp_mem = 98304 131072 196608 85 | net.core.netdev_max_backlog = 250000 86 | net.ipv4.tcp_timestamps = 1 87 | net.ipv4.ip_local_port_range = 1025 61000 88 | net.ipv4.tcp_congestion_control=htcp 89 | net.ipv6.conf.all.disable_ipv6 = 1 90 | net.ipv6.conf.default.disable_ipv6 = 1 91 | net.ipv6.conf.lo.disable_ipv6 = 1 92 | -------------------------------------------------------------------------------- /tests/wconsole_tests_01.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # wconsole test suite - all tests to be peformed from the CLI 4 | # of the WLAN Pi while switched in to wconsole mode 5 | # 6 | # 7 | 8 | ########################## 9 | # User configurable vars 10 | ########################## 11 | MODULE=wconsole 12 | VERSION=1.31 13 | COMMENTS="wconsole test suite to verify files & processes" 14 | SCRIPT_NAME=$(basename $0) 15 | 16 | # Tests log file 17 | LOG_FILE="${SCRIPT_NAME}_results.log" 18 | # WLAN Pi status file (hostspot, wiperf etc...) 19 | STATUS_FILE="/etc/wlanpi-state" 20 | 21 | 22 | ########################### 23 | # script global vars 24 | ########################### 25 | # initialize tests passed counter 26 | tests_passed=0 27 | # initialize tests failed counter 28 | tests_failed=0 29 | 30 | ################ 31 | # root check 32 | ################ 33 | if [[ $EUID -ne 0 ]]; then 34 | echo "This script must be run as root" 35 | exit 1 36 | fi 37 | 38 | ############################################## 39 | # Helper functions - see docs at end of file 40 | ############################################## 41 | 42 | summary () { 43 | tests_completed=$((tests_passed + tests_failed)) 44 | echo "" 45 | echo "-----------------------------------" 46 | echo " Total tests: $tests_completed" 47 | echo " Number tests passed: $tests_passed" 48 | echo " Number tests failed: $tests_failed" 49 | echo "-----------------------------------" 50 | echo "" 51 | } 52 | 53 | inc_passed () { tests_passed=$((tests_passed + 1)); } 54 | inc_failed () { tests_failed=$((tests_failed + 1)); } 55 | 56 | info () { echo -n "(info) Test: $1" | tee -a $LOG_FILE; } 57 | info_n () { echo "(info) Test: $1" | tee -a $LOG_FILE; } 58 | comment () { echo $1 | tee -a $LOG_FILE; } 59 | 60 | pass () { inc_passed; echo " $1 (pass)" | tee -a $LOG_FILE; } 61 | fail () { inc_failed; echo " $1 (fail) <--- !!!!!!" | tee -a $LOG_FILE; } 62 | 63 | check () { if [[ $1 ]]; then pass; else fail; fi; } 64 | check_not () { if [[ ! $1 ]]; then pass; else fail; fi; } 65 | 66 | file_exists () { info "Checking file exists: $1"; if [[ -e $1 ]]; then pass; else fail; fi; } 67 | dir_exists () { info "Checking directory exists: $1"; if [[ -d $1 ]]; then pass; else fail; fi; } 68 | symlink_exists () { info "Checking symlink exists: $1"; if [[ -L $1 ]]; then pass; else fail; fi; } 69 | symlink_not () { info "Checking file is not symlink: $1"; if [[ ! -L $1 ]]; then pass; else fail; fi; } 70 | check_process () { info "Checking process running: $1"; if [[ `pgrep $1` ]]; then pass; else fail; fi; } 71 | check_systemctl () { info "Checking systemctl running: $1"; if [[ `systemctl status $1 | grep 'active (running)'` ]]; then pass; else fail; fi; } 72 | 73 | ######################################## 74 | # Test rig overview 75 | ######################################## 76 | echo "\ 77 | 78 | ======================================================= 79 | Test rig description: 80 | 81 | 1. WLAN Pi running image to be tested 82 | 2. Supported wireless NIC card on one of USB ports 83 | 3. WLAN Pi is switched in to wconsole mode 84 | 4. wconsole config files are default 85 | 5. Run tests by joining SSID 'wifi_console' (key = 'wifipros' ) 86 | 6. SSH to 192.168.42.1 and run this test script: 87 | /etc/wconsole/tests/wconsole_tests.01.sh 88 | 89 | =======================================================" | tee $LOG_FILE 90 | 91 | ######################################## 92 | # Test suite 93 | ######################################## 94 | 95 | run_tests () { 96 | 97 | comment "" 98 | comment "###########################################" 99 | comment " Running $MODULE test suite" 100 | comment "###########################################" 101 | comment "" 102 | 103 | # check what state the WLAN Pi is in 104 | info "Checking current mode is wconsole" 105 | check `cat $STATUS_FILE | grep 'wconsole'` 106 | 107 | # check we have directories expected 108 | dir_exists "/etc/wconsole" 109 | 110 | # check various files exist 111 | file_exists "/etc/wconsole/conf/hostapd.conf" 112 | file_exists "/etc/wconsole/conf/ser2net.conf" 113 | file_exists "/etc/wconsole/default/isc-dhcp-server" 114 | file_exists "/etc/wconsole/default/ufw" 115 | file_exists "/etc/wconsole/dhcp/dhcpd.conf" 116 | file_exists "/etc/wconsole/network/interfaces" 117 | file_exists "/etc/wconsole/sysctl/sysctl.conf" 118 | file_exists "/etc/wconsole/ufw/before.rules" 119 | file_exists "/usr/bin/wconsole_switcher" 120 | 121 | # check file symbolic links exist 122 | symlink_exists "/etc/network/interfaces" 123 | symlink_exists "/etc/default/isc-dhcp-server" 124 | symlink_exists "/etc/dhcp/dhcpd.conf" 125 | symlink_exists "/etc/network/interfaces" 126 | symlink_exists "/etc/ser2net.conf" 127 | symlink_exists "/etc/hostapd.conf" 128 | symlink_exists "/etc/sysctl.conf" 129 | symlink_exists "/etc/default/ufw" 130 | symlink_exists "/etc/ufw/before.rules" 131 | 132 | 133 | # check hostapd running 134 | check_process "hostapd" 135 | 136 | # check ser2net running 137 | check_process "ser2net" 138 | 139 | # check dhcpd running 140 | check_process "dhcpd" 141 | 142 | # check wlan port is in correct state (Mode:Master) 143 | info "Checking wlan adapter in master mode" 144 | check `iwconfig wlan0 | grep 'Mode:Master'` 145 | 146 | # check wlan0 up and running with correct IP address 147 | wlan0_ip=192.168.42.1 148 | info "Checking wlan0 has correct IP (${wlan0_ip})" 149 | check `ifconfig wlan0 | grep $wlan0_ip` 150 | 151 | # check expected ports open 152 | info_n "Checking selection of expected network ports open" 153 | port_array=(:9600 :9601 :9602 :9603 :9604 :9605 :9606 :9607 :9608) 154 | for port in "${port_array[@]}"; do 155 | if [[ `netstat -a | grep $port` ]]; then pass $port; else fail $port; fi 156 | done 157 | 158 | # check ufw port ranges are configured 159 | info_n "Checking expected ufw port ranges are open" 160 | range_array=(2400:2408/tcp 4800:4808/tcp 9600:9608/tcp 19200:19208/tcp 11520:11528/tcp 2000:2008/tcp) 161 | for range in "${range_array[@]}"; do 162 | if [[ `ufw status | grep $range` ]]; then pass $range; else fail $range; fi 163 | done 164 | 165 | # Print test run results summary 166 | summary 167 | 168 | comment "" 169 | comment "###########################################" 170 | comment " End of $MODULE test suite" 171 | comment "###########################################" 172 | comment "" 173 | 174 | } 175 | 176 | ######################################## 177 | # main 178 | ######################################## 179 | 180 | case "$1" in 181 | -v) 182 | echo "" 183 | echo "Test script version: $VERSION" 184 | echo $COMMENTS 185 | echo "" 186 | exit 0 187 | ;; 188 | -h) 189 | echo "Usage: $SCRIPT_NAME [ -h | -v ]" 190 | echo "" 191 | echo " $SCRIPT_NAME -v : script version" 192 | echo " $SCRIPT_NAME -h : script help" 193 | echo " $SCRIPT_NAME : run test suite" 194 | echo "" 195 | exit 0 196 | ;; 197 | *) 198 | run_tests 199 | exit $tests_failed 200 | ;; 201 | esac 202 | 203 | # should never reach here, but just in case.... 204 | exit 1 205 | 206 | << 'HOWTO' 207 | 208 | ################################################################################################################# 209 | 210 | Test Utility Documentation 211 | -------------------------- 212 | 213 | This script uses a set of useful utilities to simplify running a series of 214 | tests from this bash script. The syntax of the utilities is shown below: 215 | 216 | inc_passed: increment the test-passed counter (global var 'tests_passed') 217 | inc_failed: increment the test-failed counter (global var 'tests_failed') 218 | info: pre-prend the text in $1 with "info" and send to stdout & the log file (no CR) 219 | info_n: pre-prend the text in $1 with "info" and send to stdout & the log file (inc CR after msg) 220 | pass: write a "pass" msg to stdout & the log file, with optional additional msg in $1 (var passed to function) 221 | fail: write a "fail" msg to stdout & the log file, with optional additional msg in $1 (var passed to function) 222 | comment: output raw text supplied in $1 to std & log file 223 | 224 | check: call pass() if condition passed is true (can inc option msg via $1), otherwise fail() 225 | check_not: call pass() if condition passed is false (can inc option msg via $1), otherwise fail() 226 | 227 | file_exists: call pass() if file name passed via $1 exists, else call fail() 228 | dir_exists: call pass() if dir name passed via $1 exists, else call fail() 229 | symlink_exists: call pass() if file name passed via $1 is a symlink, else call fail() 230 | symlink_not: call pass() if file name passed via $1 is not symlink, else call fail() 231 | check_process: call pass() if process name passed via $1 is running, else call fail() 232 | check_systemctl: call pass() if service name passed via $1 is running, else call fail() 233 | 234 | ################################################################################################################# 235 | HOWTO 236 | -------------------------------------------------------------------------------- /tests/wconsole_tests_02.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # wconsole test suite - all tests to be peformed from the CLI 4 | # of the WLAN Pi while switched in to wconsole mode 5 | # 6 | # 7 | 8 | ########################## 9 | # User configurable vars 10 | ########################## 11 | MODULE=wconsole 12 | VERSION=1.01 13 | COMMENTS="wconsole test suite to verify clean-up when swtched out of wconsole mode" 14 | SCRIPT_NAME=$(basename $0) 15 | 16 | # Tests log file 17 | LOG_FILE="${SCRIPT_NAME}_results.log" 18 | # WLAN Pi status file (hostspot, wiperf etc...) 19 | STATUS_FILE="/etc/wlanpi-state" 20 | 21 | 22 | ########################### 23 | # script global vars 24 | ########################### 25 | # initialize tests passed counter 26 | tests_passed=0 27 | # initialize tests failed counter 28 | tests_failed=0 29 | 30 | ################ 31 | # root check 32 | ################ 33 | if [[ $EUID -ne 0 ]]; then 34 | echo "This script must be run as root" 35 | exit 1 36 | fi 37 | 38 | ############################################## 39 | # Helper functions - see docs at end of file 40 | ############################################## 41 | 42 | summary () { 43 | tests_completed=$((tests_passed + tests_failed)) 44 | echo "" 45 | echo "-----------------------------------" 46 | echo " Total tests: $tests_completed" 47 | echo " Number tests passed: $tests_passed" 48 | echo " Number tests failed: $tests_failed" 49 | echo "-----------------------------------" 50 | echo "" 51 | } 52 | 53 | inc_passed () { tests_passed=$((tests_passed + 1)); } 54 | inc_failed () { tests_failed=$((tests_failed + 1)); } 55 | 56 | info () { echo -n "(info) Test: $1" | tee -a $LOG_FILE; } 57 | info_n () { echo "(info) Test: $1" | tee -a $LOG_FILE; } 58 | comment () { echo $1 | tee -a $LOG_FILE; } 59 | 60 | pass () { inc_passed; echo " $1 (pass)" | tee -a $LOG_FILE; } 61 | fail () { inc_failed; echo " $1 (fail) <--- !!!!!!" | tee -a $LOG_FILE; } 62 | 63 | check () { if [[ $1 ]]; then pass; else fail; fi; } 64 | check_not () { if [[ ! $1 ]]; then pass; else fail; fi; } 65 | 66 | file_exists () { info "Checking file exists: $1"; if [[ -e $1 ]]; then pass; else fail; fi; } 67 | dir_exists () { info "Checking directory exists: $1"; if [[ -d $1 ]]; then pass; else fail; fi; } 68 | symlink_exists () { info "Checking symlink exists: $1"; if [[ -L $1 ]]; then pass; else fail; fi; } 69 | symlink_not () { info "Checking file is not symlink: $1"; if [[ ! -L $1 ]]; then pass; else fail; fi; } 70 | check_process () { info "Checking process running: $1"; if [[ `pgrep $1` ]]; then pass; else fail; fi; } 71 | check_systemctl () { info "Checking systemctl running: $1"; if [[ `systemctl status $1 | grep 'active (running)'` ]]; then pass; else fail; fi; } 72 | 73 | ######################################## 74 | # Test rig overview 75 | ######################################## 76 | echo "\ 77 | 78 | ======================================================= 79 | Test rig description: 80 | 81 | 1. WLAN Pi running image to be tested 82 | 2. Supported wireless NIC card 1n one of USB ports 83 | 3. WLAN Pi is switched back to classic mode after 84 | being tested in wconsole mode 85 | 4. wconsole config files are default 86 | 5. Connect test laptop to WLAN Pi over OTG 87 | 6. SSH to 169.254.42.1 and run this test script: 88 | /etc/wconsole/tests/wconsole_tests_02.sh 89 | 90 | =======================================================" | tee $LOG_FILE 91 | 92 | ######################################## 93 | # Test suite 94 | ######################################## 95 | 96 | run_tests () { 97 | 98 | comment "" 99 | comment "###########################################" 100 | comment " Running $MODULE test suite" 101 | comment "###########################################" 102 | comment "" 103 | 104 | # check what state the WLAN Pi is in 105 | info "Checking current mode is classic" 106 | check `cat $STATUS_FILE | grep 'classic'` 107 | 108 | # check we have directories expected (i.e. nothing removed) 109 | dir_exists "/etc/wconsole" 110 | 111 | # check various files exist (i.e. no files lost during switch back) 112 | file_exists "/etc/default/isc-dhcp-server" 113 | file_exists "/etc/default/ufw" 114 | file_exists "/etc/dhcp/dhcpd.conf" 115 | file_exists "/etc/network/interfaces" 116 | file_exists "/etc/sysctl.conf" 117 | file_exists "/etc/ufw/before.rules" 118 | file_exists "/usr/bin/wconsole_switcher" 119 | 120 | # check files are not symbolic links (i.e. al symlinks added for wconsole mode have been removed) 121 | symlink_not "/etc/network/interfaces" 122 | symlink_not "/etc/default/isc-dhcp-server" 123 | symlink_not "/etc/dhcp/dhcpd.conf" 124 | symlink_not "/etc/network/interfaces" 125 | symlink_not "/etc/ser2net.conf" 126 | symlink_not "/etc/hostapd.conf" 127 | symlink_not "/etc/sysctl.conf" 128 | symlink_not "/etc/default/ufw" 129 | symlink_not "/etc/ufw/before.rules" 130 | 131 | # check wlan port is no longer (Mode:Master) 132 | info "Checking wlan adapter not in master mode" 133 | check_not `iwconfig wlan0 | grep 'Mode:Master'` 134 | 135 | # check wlan0 up and running with correct IP address 136 | wlan0_ip=192.168.42.1 137 | info "Checking wlan0 not using ${wlan0_ip}" 138 | check_not `ifconfig wlan0 | grep $wlan0_ip` 139 | 140 | # check expected ports open 141 | info_n "Checking selection of expected network ports no longer open" 142 | port_array=(:9600 :9601 :9602 :9603 :9604 :9605 :9606 :9607 :9608) 143 | for port in "${port_array[@]}"; do 144 | if [[ ! `netstat -a | grep $port` ]]; then pass $port; else fail $port; fi 145 | done 146 | 147 | # check ufw port ranges are configured 148 | info_n "Checking expected ufw port ranges are no longer open" 149 | range_array=(2400:2408/tcp 4800:4808/tcp 9600:9608/tcp 19200:19208/tcp 11520:11528/tcp 2000:2008/tcp) 150 | for range in "${range_array[@]}"; do 151 | if [[ ! `ufw status | grep $range` ]]; then pass $range; else fail $range; fi 152 | done 153 | 154 | # Print test run results summary 155 | summary 156 | 157 | comment "" 158 | comment "###########################################" 159 | comment " End of $MODULE test suite" 160 | comment "###########################################" 161 | comment "" 162 | 163 | } 164 | 165 | ######################################## 166 | # main 167 | ######################################## 168 | 169 | case "$1" in 170 | -v) 171 | echo "" 172 | echo "Test script version: $VERSION" 173 | echo $COMMENTS 174 | echo "" 175 | exit 0 176 | ;; 177 | -h) 178 | echo "Usage: $SCRIPT_NAME [ -h | -v ]" 179 | echo "" 180 | echo " $SCRIPT_NAME -v : script version" 181 | echo " $SCRIPT_NAME -h : script help" 182 | echo " $SCRIPT_NAME : run test suite" 183 | echo "" 184 | exit 0 185 | ;; 186 | *) 187 | run_tests 188 | exit $tests_failed 189 | ;; 190 | esac 191 | 192 | # should never reach here, but just in case.... 193 | exit 1 194 | 195 | << 'HOWTO' 196 | 197 | ################################################################################################################# 198 | 199 | Test Utility Documentation 200 | -------------------------- 201 | 202 | This script uses a set of useful utilities to simplify running a series of 203 | tests from this bash script. The syntax of the utilities is shown below: 204 | 205 | inc_passed: increment the test-passed counter (global var 'tests_passed') 206 | inc_failed: increment the test-failed counter (global var 'tests_failed') 207 | info: pre-prend the text in $1 with "info" and send to stdout & the log file (no CR) 208 | info_n: pre-prend the text in $1 with "info" and send to stdout & the log file (inc CR after msg) 209 | pass: write a "pass" msg to stdout & the log file, with optional additional msg in $1 (var passed to function) 210 | fail: write a "fail" msg to stdout & the log file, with optional additional msg in $1 (var passed to function) 211 | comment: output raw text supplied in $1 to std & log file 212 | 213 | check: call pass() if condition passed is true (can inc option msg via $1), otherwise fail() 214 | check_not: call pass() if condition passed is false (can inc option msg via $1), otherwise fail() 215 | 216 | file_exists: call pass() if file name passed via $1 exists, else call fail() 217 | dir_exists: call pass() if dir name passed via $1 exists, else call fail() 218 | symlink_exists: call pass() if file name passed via $1 is a symlink, else call fail() 219 | symlink_not: call pass() if file name passed via $1 is not symlink, else call fail() 220 | check_process: call pass() if process name passed via $1 is running, else call fail() 221 | check_systemctl: call pass() if service name passed via $1 is running, else call fail() 222 | 223 | ################################################################################################################# 224 | HOWTO 225 | -------------------------------------------------------------------------------- /ufw/before.rules: -------------------------------------------------------------------------------- 1 | # 2 | # rules.before 3 | # 4 | # Rules that should be run before the ufw command line added rules. Custom 5 | # rules should be added to one of these chains: 6 | # ufw-before-input 7 | # ufw-before-output 8 | # ufw-before-forward 9 | # 10 | 11 | # Don't delete these required lines, otherwise there will be errors 12 | *filter 13 | :ufw-before-input - [0:0] 14 | :ufw-before-output - [0:0] 15 | :ufw-before-forward - [0:0] 16 | :ufw-not-local - [0:0] 17 | # End required lines 18 | 19 | 20 | # allow all on loopback 21 | -A ufw-before-input -i lo -j ACCEPT 22 | -A ufw-before-output -o lo -j ACCEPT 23 | 24 | # quickly process packets for which we already have a connection 25 | -A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 26 | -A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 27 | -A ufw-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 28 | 29 | # drop INVALID packets (logs these in loglevel medium and higher) 30 | -A ufw-before-input -m conntrack --ctstate INVALID -j ufw-logging-deny 31 | -A ufw-before-input -m conntrack --ctstate INVALID -j DROP 32 | 33 | # ok icmp codes for INPUT 34 | -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT 35 | -A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT 36 | -A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT 37 | -A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT 38 | -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT 39 | 40 | # ok icmp code for FORWARD 41 | -A ufw-before-forward -p icmp --icmp-type destination-unreachable -j ACCEPT 42 | -A ufw-before-forward -p icmp --icmp-type source-quench -j ACCEPT 43 | -A ufw-before-forward -p icmp --icmp-type time-exceeded -j ACCEPT 44 | -A ufw-before-forward -p icmp --icmp-type parameter-problem -j ACCEPT 45 | -A ufw-before-forward -p icmp --icmp-type echo-request -j ACCEPT 46 | 47 | # allow dhcp client to work 48 | -A ufw-before-input -p udp --sport 67 --dport 68 -j ACCEPT 49 | 50 | # 51 | # ufw-not-local 52 | # 53 | -A ufw-before-input -j ufw-not-local 54 | 55 | # if LOCAL, RETURN 56 | -A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN 57 | 58 | # if MULTICAST, RETURN 59 | -A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN 60 | 61 | # if BROADCAST, RETURN 62 | -A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN 63 | 64 | # all other non-local packets are dropped 65 | -A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny 66 | -A ufw-not-local -j DROP 67 | 68 | # allow MULTICAST mDNS for service discovery (be sure the MULTICAST line above 69 | # is uncommented) 70 | -A ufw-before-input -p udp -d 224.0.0.251 --dport 5353 -j ACCEPT 71 | 72 | # allow MULTICAST UPnP for service discovery (be sure the MULTICAST line above 73 | # is uncommented) 74 | -A ufw-before-input -p udp -d 239.255.255.250 --dport 1900 -j ACCEPT 75 | 76 | # don't delete the 'COMMIT' line or these rules won't be processed 77 | COMMIT 78 | 79 | # NAT rule to nat the Hotspot network behind the Ethernet interface 80 | *nat 81 | :POSTROUTING ACCEPT [0:0] 82 | -A POSTROUTING -s 192.168.42.0/27 -o eth0 -j MASQUERADE 83 | 84 | COMMIT 85 | 86 | -------------------------------------------------------------------------------- /version.txt: -------------------------------------------------------------------------------- 1 | v0.09 2 | -------------------------------------------------------------------------------- /wconsole_switcher: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 4 | # wconsole_switcher - script to switch wconsole on/off 5 | # (usually called from the WLANPi menu system) 6 | # 7 | # Written by Nigel Bowden . 8 | # 9 | # History: 10 | # 11 | # v0.01 - 28th June 2019 - Added more ports for various serial speeds 12 | # v0.02 - 29th June 2019 - Changed name to wconsole 13 | # v0.03 - 30th June 2019 - Updated to add/remove FW rules at switch time 14 | # (not during install) 15 | # v0.04 - 25th July 2019 - Updated to remove install option 16 | # - Added file checks before file copy/del operations 17 | # v0.05 - no notes 18 | # v0.06 - no notes 19 | # v0.07 - 26th January 2020 - added check for WLAN NIC AP mode support 20 | # v0.08 - 8th Feb 2020 - added support for Cisco USB cable 21 | # v0.09 - 10th May 2020 - added support for new mode state file 22 | 23 | set -e 24 | 25 | NAME=wconsole_switcher 26 | DESC="Script to switch wconsole on/off" 27 | VERSION=0.07 28 | STATUS_FILE="/etc/wlanpi-state" 29 | 30 | if [[ $EUID -ne 0 ]]; then 31 | echo "This script must be run as root" 32 | exit 1 33 | fi 34 | 35 | ############################################################################### 36 | # 37 | # Activate wconsole: 38 | # 39 | # 1. Backup various existing files to allow restoration when Wi-Fi console 40 | # deactivated 41 | # 2. Remove a number of existing files that need to be replaced 42 | # 3. Create links from deleted file locations to Wi-Fi console config files 43 | # 4. Update ufw to allow tcp ports through that may be used for access 44 | # 5. Create status file to indicate Wi-Fi console is active 45 | # 6. Reboot the wlanpi to ensure clean activation 46 | # 47 | ############################################################################### 48 | wconsole_on () { 49 | 50 | # check what state the WLAN Pi is in 51 | PI_STATUS=`cat $STATUS_FILE | grep 'classic'` || true 52 | if [ -z "$PI_STATUS" ]; then 53 | echo "Failed - WLAN Pi is not in classic mode." 54 | exit 1 55 | fi 56 | 57 | 58 | # check if the WLAN NIC supports AP mode before switching 59 | # iw list | awk '/Supported interface modes/, /Band/' | grep '\* AP' 60 | AP_SUPPORT=`iw list | awk '/Supported interface modes/, /Band/' | grep '\* AP'` || true 61 | if [ -z "$AP_SUPPORT" ]; then 62 | echo "Failed - AP Mode not supported by adapter." 63 | exit 1 64 | fi 65 | 66 | 67 | echo "Enabling Wi-Fi console..." 68 | # Backup files 69 | if [ -e /etc/default/isc-dhcp-server ]; then 70 | cp /etc/default/isc-dhcp-server /etc/default/isc-dhcp-server.wcon 71 | fi 72 | if [ -e /etc/dhcp/dhcpd.conf ]; then 73 | cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.wcon 74 | fi 75 | if [ -e /etc/network/interfaces ]; then 76 | cp /etc/network/interfaces /etc/network/interfaces.wcon 77 | fi 78 | if [ -e /etc/sysctl.conf ]; then 79 | cp /etc/sysctl.conf /etc/sysctl.conf.wcon 80 | fi 81 | if [ -e /etc/default/ufw ]; then 82 | cp /etc/default/ufw /etc/default/ufw.wcon 83 | fi 84 | if [ -e /etc/ufw/before.rules ]; then 85 | cp /etc/ufw/before.rules /etc/ufw/before.rules.wcon 86 | fi 87 | # These files may or may not exist 88 | if [ -e /etc/ser2net.conf ]; then 89 | cp /etc/ser2net.conf /etc/ser2net.conf.wcon 90 | fi 91 | if [ -e /etc/hostapd.conf ]; then 92 | cp /etc/hostapd.conf /etc/hostapd.conf.wcon 93 | fi 94 | 95 | # Remove existing files 96 | rm -f /etc/default/isc-dhcp-server 97 | rm -f /etc/dhcp/dhcpd.conf 98 | rm -f /etc/network/interfaces 99 | rm -f /etc/sysctl.conf 100 | rm -f /etc/default/ufw 101 | rm -f /etc/ufw/before.rules 102 | 103 | # These files may or may not exist 104 | if [ -e /etc/ser2net.conf ]; then 105 | rm /etc/ser2net.conf 106 | fi 107 | if [ -e /etc/hostapd.conf ]; then 108 | rm /etc/hostapd.conf 109 | fi 110 | 111 | # Link to files in wconsole 112 | ln -s /etc/wconsole/default/isc-dhcp-server /etc/default/isc-dhcp-server 113 | ln -s /etc/wconsole/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf 114 | ln -s /etc/wconsole/network/interfaces /etc/network/interfaces 115 | ln -s /etc/wconsole/conf/ser2net.conf /etc/ser2net.conf 116 | ln -s /etc/wconsole/conf/hostapd.conf /etc/hostapd.conf 117 | ln -s /etc/wconsole/sysctl/sysctl.conf /etc/sysctl.conf 118 | ln -s /etc/wconsole/default/ufw /etc/default/ufw 119 | ln -s /etc/wconsole/ufw/before.rules /etc/ufw/before.rules 120 | 121 | # Open up console ports on FW 122 | ufw allow 2400:2408/tcp 123 | ufw allow 4800:4808/tcp 124 | ufw allow 9600:9608/tcp 125 | ufw allow 19200:19208/tcp 126 | ufw allow 38400:38408/tcp 127 | ufw allow 11520:11528/tcp 128 | ufw allow 2000:2008/tcp 129 | 130 | # Signal that wconsole active 131 | echo "wconsole" > $STATUS_FILE 132 | echo "WLAN Pi will now reboot" 133 | sleep 1 134 | reboot 135 | } 136 | 137 | ############################################################################### 138 | # 139 | # Deactivate wconsole: 140 | # 141 | # 1. Remove links created during activation 142 | # 2. Restore config files backed up during activation 143 | # 3. Remove firewall rules added during activation 144 | # 4. Remove status file to indicate Wi-Fi console no longer active 145 | # 5. Reboot wlanpi to provide clean restoration of services 146 | # 147 | ############################################################################### 148 | wconsole_off () { 149 | 150 | # check what state the WLAN Pi is in 151 | PI_STATUS=`cat $STATUS_FILE | grep 'wconsole'` || true 152 | if [ -z "$PI_STATUS" ]; then 153 | echo "Failed - WLAN Pi is not in wconsole mode." 154 | exit 1 155 | fi 156 | 157 | echo "Disabling Wi-Fi console..." 158 | # Remove sym links to wconsole 159 | unlink /etc/default/isc-dhcp-server 160 | unlink /etc/dhcp/dhcpd.conf 161 | unlink /etc/network/interfaces 162 | unlink /etc/ser2net.conf 163 | unlink /etc/hostapd.conf 164 | unlink /etc/sysctl.conf 165 | unlink /etc/default/ufw 166 | unlink /etc/ufw/before.rules 167 | 168 | # Restore old files 169 | cp /etc/default/isc-dhcp-server.wcon /etc/default/isc-dhcp-server 170 | cp /etc/dhcp/dhcpd.conf.wcon /etc/dhcp/dhcpd.conf 171 | cp /etc/network/interfaces.wcon /etc/network/interfaces 172 | cp /etc/sysctl.conf.wcon /etc/sysctl.conf 173 | cp /etc/default/ufw.wcon /etc/default/ufw 174 | cp /etc/ufw/before.rules.wcon /etc/ufw/before.rules 175 | # These files may or may not exist 176 | if [ -e /etc/ser2net.conf.wcon ]; then 177 | cp /etc/ser2net.conf.wcon /etc/ser2net.conf 178 | fi 179 | if [ -e /etc/hostapd.conf.wcon ]; then 180 | cp /etc/hostapd.conf.wcon /etc/hostapd.conf 181 | fi 182 | # Close ports on FW 183 | ufw delete allow 2400:2408/tcp 184 | ufw delete allow 4800:4808/tcp 185 | ufw delete allow 9600:9608/tcp 186 | ufw delete allow 19200:19208/tcp 187 | ufw delete allow 38400:38408/tcp 188 | ufw delete allow 2000:2008/tcp 189 | ufw delete allow 11520:11528/tcp 190 | echo "WLAN Pi will now reboot" 191 | echo "classic" > $STATUS_FILE 192 | sleep 1 193 | reboot 194 | } 195 | 196 | status () { 197 | PI_STATUS=`cat $STATUS_FILE | grep 'wconsole'` || true 198 | if [ -z "$PI_STATUS" ]; then 199 | echo "wconsole is currently disabled" 200 | exit 0 201 | else 202 | echo "wconsole is currently enabled" 203 | exit 0 204 | fi 205 | 206 | } 207 | 208 | version () { 209 | N=/etc/wconsole/$NAME 210 | echo "Version: $N $VERSION" >&2 211 | exit 1 212 | 213 | } 214 | 215 | case "$1" in 216 | on) 217 | wconsole_on 218 | ;; 219 | off) 220 | wconsole_off 221 | ;; 222 | status) 223 | status 224 | ;; 225 | version) 226 | version;; 227 | *) 228 | N=/etc/wconsole/$NAME 229 | echo "Usage: $N {on|off|status|version}" >&2 230 | exit 1 231 | ;; 232 | esac 233 | 234 | exit 0 235 | 236 | --------------------------------------------------------------------------------