SCM Repository

#!/bin/sh
#
# This file is part of the FreeWRT project. FreeWRT is copyrighted
# material, please see the LICENCE file in the top-level directory
# or at http://www.freewrt.org/licence for details.
#
# Copyright (c) 2007
#	Thorsten Glaser <tg@freewrt.org>
#   Christian Fischer <spaetzle@freewrt.org>
# Copyright (c) 2006
#	Dirk Nehring <dnehring@freewrt.org>
#	Christian Fischer <spaetzle@freewrt.org>

init_debug() {
	err=$(eval "$*" 2>&1) && return 0
	mstate 1
	merr "Driver init error"
	mprint -s "${*}: $err"
	return 0
}

iface_type() {
	[[ $IF_WIRELESS_TYPE = broadcom ]] && echo $IFACE | grep -q ^wl[0-9]
}

security_none() {
	wsec=0
	[[ $IF_WIRELESS_MODE = sta ]] && init_debug wl join $IF_WIRELESS_SSID
}

security_wep() {
	local wkey pkey wkey_set

	wsec=1
	init_debug wl eap 0
	init_debug wl wpa_auth 0

	if [[ $IF_WIRELESS_MODE = sta ]]; then
		case $IF_WIRELESS_AUTHORIZATION in
		shared)
			authorization=shared
			;;
		*)
			authorization=open
			;;
		esac

		init_debug wl join $IF_WIRELESS_SSID key $IF_WIRELESS_KEY1 \
			amode $authorization
		return 0
	else
		for keyno in '' 0 1 2 3; do
			eval wkey='$IF_WIRELESS_KEY'$keyno
			[[ -z $wkey ]] && continue

			# wkey ist set, do an entry
			init_debug wl addwep ${keyno:-0} $wkey
			wkey_set=1  # mark as done

			# is key numberless?
			[[ -z $keyno ]] && break  # yes, ignore numbered keys

			# primary key number set?
			[[ -z $pkey ]] && pkey=$keyno  # set it with the first one found

			# set primary key number from config if it isn't out of range
			[[ $IF_WIRELESS_PRIMARY_KEY = $keyno ]] && pkey=$keyno
		done

		[[ -z $wkey_set ]] && return 1  # no wepkey entries done, break here
		init_debug wl primary_key $pkey
	fi
}

security_wpapsk() {
	local postup

	case $IF_WIRELESS_AUTHORIZATION in
	psk)
		auth=4
		;;
	psk2)
		auth=128
		;;
	"psk psk2")
		auth=132
		;;
	*)
		mstate 1
		merr "Wrong wireless authorisation $IF_WIRELESS_AUTHORIZATION for security wpa-psk"
		return 1
		;;
	esac

	init_debug wl eap 0
	init_debug wl wpa_auth $auth

	# don't handle wds as special case, i think its only interesting
	# if we have routed or bridged networking
	if bridged_mode; then
		cat > ${postup}/postup <<EOF
mprint -n "Starting nas daemon"
(doquit=0
trap 'doquit=1' USR1
while sleep 1; do
	[[ \$doquit = 0 ]] || break
	/usr/sbin/nas -P /var/run/nas.lan.pid -l $BRIDGE_IFACE -H 34954 \
	    -i $IFACE $nas_auth -m $auth -k $IF_WIRELESS_WPA_KEY \
	    -s $IF_WIRELESS_SSID -w $wsec -g $gtk_rekey
done) &
echo \$! >/var/run/nas.watch.pid
mstate 0
EOF
	else
		# routed
		mprint -n "Starting nas daemon"
		(doquit=0
		trap 'doquit=1' USR1
		while sleep 1; do
			[[ $doquit = 0 ]] || break
			/usr/sbin/nas -P /var/run/nas.lan.pid -H 34954 \
			    -i $IFACE $nas_auth -m $auth \
			    -k "$IF_WIRELESS_WPA_KEY" -s "$IF_WIRELESS_SSID" \
			    -w $wsec -g $gtk_rekey
		done) &
		echo $! >/var/run/nas.watch.pid
		mstate 0
	fi
}

security_8021x() {
	local postup

	case $IF_WIRELESS_AUTHORIZATION in
	wep)
		auth=0
		# only honour bridged or routed
		if bridged_mode; then
			cat > ${postup}/postup <<EOF
mprint -n "Starting nas daemon"
(doquit=0
trap 'doquit=1' USR1
while sleep 1; do
	[[ \$doquit = 0 ]] || break
	/usr/sbin/nas -P /var/run/nas.lan.pid -l $BRIDGE_IFACE -H 34954 \
	    -i $IFACE
done) &
echo \$! >/var/run/nas.watch.pid
mstate 0
EOF
		else
			mprint -n "Starting nas daemon"
			(doquit=0
			trap 'doquit=1' USR1
			while sleep 1; do
				[[ $doquit = 0 ]] || break
				/usr/sbin/nas -P /var/run/nas.lan.pid \
				    -H 34954 -i $IFACE
			done) &
			echo $! >/var/run/nas.watch.pid
			mstate 0
		fi
		return 0
		;;
	wpa)
		auth=2
		;;
	wpa2)
		auth=64
		;;
	"wpa wpa2")
		auth=66
		;;
	*)
		merr "Wrong wireless authorisation $IF_WIRELESS_AUTHORIZATION for security wpa-psk"
		return 1
		;;
	esac

	init_debug wl wpa_auth $auth
	init_debug wl eap 0

	if bridged_mode; then
		cat > ${postup}/postup <<EOF
mprint -n "Starting nas daemon"
(doquit=0
trap 'doquit=1' USR1
while sleep 1; do
	[[ \$doquit = 0 ]] || break
	/usr/sbin/nas -P /var/run/nas.lan.pid $BRIDGE_IFACE -H 34954 \
	    -i $IFACE -A -m $auth -r "$IF_WIRELESS_RADIUS_KEY" \
	    -h $IF_WIRELESS_RADIUS_IPADDR -p ${IF_WIRELESS_RADIUS_PORT:-1812} \
	    -t 36000 -s "$IF_WIRELESS_SSID" -w $crypto_num -g $gtk_rekey
done) &
echo \$! >/var/run/nas.watch.pid
mstate 0
EOF
	else
		mprint -n "Starting nas daemon"
		(doquit=0
		trap 'doquit=1' USR1
		while sleep 1; do
			[[ $doquit = 0 ]] || break
			/usr/sbin/nas -P /var/run/nas.lan.pid -H 34954 \
			    -i $IFACE -A -m $auth -r "$IF_WIRELESS_RADIUS_KEY" \
			    -h $IF_WIRELESS_RADIUS_IPADDR \
			    -p ${IF_WIRELESS_RADIUS_PORT:-1812} -t 36000 \
			    -s "$IF_WIRELESS_SSID" -w $crypto_num -g $gtk_rekey
		done) &
		echo $! >/var/run/nas.watch.pid
		mstate 0
	fi
}

get_bridge_iface() {
	[[ -x $(whence -p brctl) ]] || return 1
	brctl show 2>&- | grep -q $IFACE || return 1
	for var in $(brctl show 2>&- | grep -o ^[a-z]*[^[:space:]]); do
		brctl showstp $var | grep -q ^${IFACE}[[:space:]] || continue
		BRIDGE_IFACE=$var
		return 0
	done
}

bridged_mode() {
	if [[ $PARENT_IFACE_TYPE = bridge ]]; then
		BRIDGE_IFACE=$PARENT_IFACE
	else
		get_bridge_iface || return 1

		if ! is_up $BRIDGE_IFACE; then
			mprint -n "Starting nas daemon"
			mstate 1
			merr "Can not start nas daemon, bridge $BRIDGE_IFACE isn't up"
			exit 1
		fi
	fi
	postup="/tmp/ifupdown/pcode/${BRIDGE_IFACE}/$IFACE"
	mkdir -p $postup
	chmod 700 $postup
	return 0
}

if_preup() {
	bridged_mode && return 0
	grep $IFACE /etc/network/interfaces | sed 's/#.*$//' | \
		grep -q bridge-ifaces || return 0
	minfo "Skipping $IFACE until bridge goes up"
	built_in exit 1
}

if_up() {
	local nas_auth opmode_init_string wsec err

	mprint -n "Initializing $IFACE_TYPE $IFACE"

	[[ -z $IF_WIRELESS_SSID ]] && err="ESSID not set"
	[[ -z $IF_WIRELESS_MODE ]] && err="Operation mode not set"
	[[ $IF_WIRELESS_SECURITY = 8021x && -z $IF_WIRELESS_RADIUS_IPADDR &&\
		 $IF_WIRELESS_AUTHORIZATION != wep ]] && \
		err="Radius server address not set"

	if [[ -n $err ]]; then
		mstate 1
		merr $err
		return 1
	fi


	# kill old nas process
	thepid=
	[[ -e /var/run/nas.watch.pid ]] && thepid=$(</var/run/nas.watch.pid)
	if [[ -n $thepid && -d /proc/$thepid ]]; then
		kill -USR1 $thepid
		sleep 1
		kill $thepid
		sleep 1
		kill -9 $thepid
	fi
	killall nas


	### init driver ###
	#
	init_debug wl radio on
	init_debug wl infra 1
	init_debug wl monitor 0
	init_debug wl macmode 0
	init_debug wl mac none
	init_debug wl lazywds 0

	# set operation mode
	case $IF_WIRELESS_MODE in
	sta)
		nas_auth="-S "
		init_debug wl ap 0
		bridged_mode && init_debug wl wet 1
		;;
	ap)
		nas_auth="-A "
		init_debug wl ap 1
		;;
	wds)
		[[ -z $IF_WIRELESS_WDS ]] && return 1
		# TODO: messages
		init_debug wl ap 1
		;;
	adhoc)
		init_debug wl ap 0
		init_debug wl infra 0
		init_debug wl join $IF_WIRELESS_SSID imode ibss
		;;
	monitor)
		init_debug wl ap 0
		init_debug wl monitor 1
		;;
	*)
		mstate 1
		merr "Unknown operation mode $IF_WIRELESS_MODE"
		return 1
		;;
	esac

	case $IF_WIRELESS_ENCRYPTION in
	wep)
		wsec=1
		;;
	tkip)
		wsec=2
		;;
	aes)
		wsec=4
		;;
	aes+tkip)
		wsec=6
		;;
	esac

	# set country
	[[ -n $IF_WIRELESS_COUNTRY ]] && init_debug wl country $IF_WIRELESS_COUNTRY

	# set gmode
	[[ -n $IF_WIRELESS_GMODE ]] && init_debug wl gmode $IF_WIRELESS_GMODE

	# set isolate mode
	[[ -n $IF_WIRELESS_ISOLATE ]] && init_debug wl ap_isolate \
		$IF_WIRELESS_ISOLATE

	# set macmode mode
	[[ -n $IF_WIRELESS_MACMODE ]] && init_debug wl macmode $IF_WIRELESS_MACMODE

	# set MAC addresses
	[[ -n $IF_WIRELESS_MAC ]] && init_debug wl mac $IF_WIRELESS_MAC

	# set WLAN channel
	[[ -n $IF_WIRELESS_CHANNEL ]] && init_debug wl channel $IF_WIRELESS_CHANNEL

	# set frameburst
	[[ -n $IF_WIRELESS_FRAMEBURST ]] && init_debug wl frameburst \
		$IF_WIRELESS_FRAMEBURST

	# set afterburner
	# remove this because command afterburner_override seems to be nonexistent for now
	#[[ -n $IF_WIRELESS_AFTERBURNER ]] && init_debug wl afterburner_override \
	#	$IF_WIRELESS_AFTERBURNER

	gtk_rekey=${IF_WIRELESS_WPA_GTK_REKEY:-3600}
	gtk_rekey=${gtk_rekey#0}

	case $IF_WIRELESS_SECURITY in
	none)
		security_none
		;;
	wep)
		security_wep
		;;
	wpa-psk)
		security_wpapsk
		;;
	8021x)
		security_8021x
		;;
	*)
		# no fallback
		mstate 1
		merr "Wireless security not set"
		return 1
		;;
	esac

	init_debug wl ssid $IF_WIRELESS_SSID
	init_debug wl wsec $wsec
	init_debug wl up
	mstate 0

	[[ -z $PARENT_IFACE_TYPE ]] && is_up ${BRIDGE_IFACE:="FOO"} || return 0

	[[ -f /tmp/ifupdown/pcode/${BRIDGE_IFACE}/${IFACE}/postup ]] && \
		. /tmp/ifupdown/pcode/${BRIDGE_IFACE}/${IFACE}/postup
}

if_down() {
	mdestroy
	init_debug wl mac none
	init_debug wl radio off
	init_debug wl down

	thepid=
	[[ -e /var/run/nas.watch.pid ]] && thepid=$(</var/run/nas.watch.pid)
	if [[ -n $thepid && -d /proc/$thepid ]]; then
		kill -USR1 $thepid
		sleep 1
		kill $thepid
		sleep 1
		kill -9 $thepid
	fi
	killall nas

	mstate 0
	return
}

# vim:ts=4
// Log In
// CVSweb
Project: FreeWRT
// Summary // Activity // Search // Tracker // Lists // News // SCM // Wiki
1	#!/bin/sh
2	#
3	# This file is part of the FreeWRT project. FreeWRT is copyrighted
4	# material, please see the LICENCE file in the top-level directory
5	# or at http://www.freewrt.org/licence for details.
6	#
7	# Copyright (c) 2007
8	# Thorsten Glaser <tg@freewrt.org>
9	# Christian Fischer <spaetzle@freewrt.org>
10	# Copyright (c) 2006
11	# Dirk Nehring <dnehring@freewrt.org>
12	# Christian Fischer <spaetzle@freewrt.org>
13
14	init_debug() {
15	err=$(eval "$*" 2>&1) && return 0
16	mstate 1
17	merr "Driver init error"
18	mprint -s "${*}: $err"
19	return 0
20	}
21
22	iface_type() {
23	[[ $IF_WIRELESS_TYPE = broadcom ]] && echo $IFACE \| grep -q ^wl[0-9]
24	}
25
26	security_none() {
27	wsec=0
28	[[ $IF_WIRELESS_MODE = sta ]] && init_debug wl join $IF_WIRELESS_SSID
29	}
30
31	security_wep() {
32	local wkey pkey wkey_set
33
34	wsec=1
35	init_debug wl eap 0
36	init_debug wl wpa_auth 0
37
38	if [[ $IF_WIRELESS_MODE = sta ]]; then
39	case $IF_WIRELESS_AUTHORIZATION in
40	shared)
41	authorization=shared
42	;;
43	*)
44	authorization=open
45	;;
46	esac
47
48	init_debug wl join $IF_WIRELESS_SSID key $IF_WIRELESS_KEY1 \
49	amode $authorization
50	return 0
51	else
52	for keyno in '' 0 1 2 3; do
53	eval wkey='$IF_WIRELESS_KEY'$keyno
54	[[ -z $wkey ]] && continue
55
56	# wkey ist set, do an entry
57	init_debug wl addwep ${keyno:-0} $wkey
58	wkey_set=1 # mark as done
59
60	# is key numberless?
61	[[ -z $keyno ]] && break # yes, ignore numbered keys
62
63	# primary key number set?
64	[[ -z $pkey ]] && pkey=$keyno # set it with the first one found
65
66	# set primary key number from config if it isn't out of range
67	[[ $IF_WIRELESS_PRIMARY_KEY = $keyno ]] && pkey=$keyno
68	done
69
70	[[ -z $wkey_set ]] && return 1 # no wepkey entries done, break here
71	init_debug wl primary_key $pkey
72	fi
73	}
74
75	security_wpapsk() {
76	local postup
77
78	case $IF_WIRELESS_AUTHORIZATION in
79	psk)
80	auth=4
81	;;
82	psk2)
83	auth=128
84	;;
85	"psk psk2")
86	auth=132
87	;;
88	*)
89	mstate 1
90	merr "Wrong wireless authorisation $IF_WIRELESS_AUTHORIZATION for security wpa-psk"
91	return 1
92	;;
93	esac
94
95	init_debug wl eap 0
96	init_debug wl wpa_auth $auth
97
98	# don't handle wds as special case, i think its only interesting
99	# if we have routed or bridged networking
100	if bridged_mode; then
101	cat > ${postup}/postup <<EOF
102	mprint -n "Starting nas daemon"
103	(doquit=0
104	trap 'doquit=1' USR1
105	while sleep 1; do
106	[[ \$doquit = 0 ]] \|\| break
107	/usr/sbin/nas -P /var/run/nas.lan.pid -l $BRIDGE_IFACE -H 34954 \
108	-i $IFACE $nas_auth -m $auth -k $IF_WIRELESS_WPA_KEY \
109	-s $IF_WIRELESS_SSID -w $wsec -g $gtk_rekey
110	done) &
111	echo \$! >/var/run/nas.watch.pid
112	mstate 0
113	EOF
114	else
115	# routed
116	mprint -n "Starting nas daemon"
117	(doquit=0
118	trap 'doquit=1' USR1
119	while sleep 1; do
120	[[ $doquit = 0 ]] \|\| break
121	/usr/sbin/nas -P /var/run/nas.lan.pid -H 34954 \
122	-i $IFACE $nas_auth -m $auth \
123	-k "$IF_WIRELESS_WPA_KEY" -s "$IF_WIRELESS_SSID" \
124	-w $wsec -g $gtk_rekey
125	done) &
126	echo $! >/var/run/nas.watch.pid
127	mstate 0
128	fi
129	}
130
131	security_8021x() {
132	local postup
133
134	case $IF_WIRELESS_AUTHORIZATION in
135	wep)
136	auth=0
137	# only honour bridged or routed
138	if bridged_mode; then
139	cat > ${postup}/postup <<EOF
140	mprint -n "Starting nas daemon"
141	(doquit=0
142	trap 'doquit=1' USR1
143	while sleep 1; do
144	[[ \$doquit = 0 ]] \|\| break
145	/usr/sbin/nas -P /var/run/nas.lan.pid -l $BRIDGE_IFACE -H 34954 \
146	-i $IFACE
147	done) &
148	echo \$! >/var/run/nas.watch.pid
149	mstate 0
150	EOF
151	else
152	mprint -n "Starting nas daemon"
153	(doquit=0
154	trap 'doquit=1' USR1
155	while sleep 1; do
156	[[ $doquit = 0 ]] \|\| break
157	/usr/sbin/nas -P /var/run/nas.lan.pid \
158	-H 34954 -i $IFACE
159	done) &
160	echo $! >/var/run/nas.watch.pid
161	mstate 0
162	fi
163	return 0
164	;;
165	wpa)
166	auth=2
167	;;
168	wpa2)
169	auth=64
170	;;
171	"wpa wpa2")
172	auth=66
173	;;
174	*)
175	merr "Wrong wireless authorisation $IF_WIRELESS_AUTHORIZATION for security wpa-psk"
176	return 1
177	;;
178	esac
179
180	init_debug wl wpa_auth $auth
181	init_debug wl eap 0
182
183	if bridged_mode; then
184	cat > ${postup}/postup <<EOF
185	mprint -n "Starting nas daemon"
186	(doquit=0
187	trap 'doquit=1' USR1
188	while sleep 1; do
189	[[ \$doquit = 0 ]] \|\| break
190	/usr/sbin/nas -P /var/run/nas.lan.pid $BRIDGE_IFACE -H 34954 \
191	-i $IFACE -A -m $auth -r "$IF_WIRELESS_RADIUS_KEY" \
192	-h $IF_WIRELESS_RADIUS_IPADDR -p ${IF_WIRELESS_RADIUS_PORT:-1812} \
193	-t 36000 -s "$IF_WIRELESS_SSID" -w $crypto_num -g $gtk_rekey
194	done) &
195	echo \$! >/var/run/nas.watch.pid
196	mstate 0
197	EOF
198	else
199	mprint -n "Starting nas daemon"
200	(doquit=0
201	trap 'doquit=1' USR1
202	while sleep 1; do
203	[[ $doquit = 0 ]] \|\| break
204	/usr/sbin/nas -P /var/run/nas.lan.pid -H 34954 \
205	-i $IFACE -A -m $auth -r "$IF_WIRELESS_RADIUS_KEY" \
206	-h $IF_WIRELESS_RADIUS_IPADDR \
207	-p ${IF_WIRELESS_RADIUS_PORT:-1812} -t 36000 \
208	-s "$IF_WIRELESS_SSID" -w $crypto_num -g $gtk_rekey
209	done) &
210	echo $! >/var/run/nas.watch.pid
211	mstate 0
212	fi
213	}
214
215	get_bridge_iface() {
216	[[ -x $(whence -p brctl) ]] \|\| return 1
217	brctl show 2>&- \| grep -q $IFACE \|\| return 1
218	for var in $(brctl show 2>&- \| grep -o ^[a-z]*[^[:space:]]); do
219	brctl showstp $var \| grep -q ^${IFACE}[[:space:]] \|\| continue
220	BRIDGE_IFACE=$var
221	return 0
222	done
223	}
224
225	bridged_mode() {
226	if [[ $PARENT_IFACE_TYPE = bridge ]]; then
227	BRIDGE_IFACE=$PARENT_IFACE
228	else
229	get_bridge_iface \|\| return 1
230
231	if ! is_up $BRIDGE_IFACE; then
232	mprint -n "Starting nas daemon"
233	mstate 1
234	merr "Can not start nas daemon, bridge $BRIDGE_IFACE isn't up"
235	exit 1
236	fi
237	fi
238	postup="/tmp/ifupdown/pcode/${BRIDGE_IFACE}/$IFACE"
239	mkdir -p $postup
240	chmod 700 $postup
241	return 0
242	}
243
244	if_preup() {
245	bridged_mode && return 0
246	grep $IFACE /etc/network/interfaces \| sed 's/#.*$//' \| \
247	grep -q bridge-ifaces \|\| return 0
248	minfo "Skipping $IFACE until bridge goes up"
249	built_in exit 1
250	}
251
252	if_up() {
253	local nas_auth opmode_init_string wsec err
254
255	mprint -n "Initializing $IFACE_TYPE $IFACE"
256
257	[[ -z $IF_WIRELESS_SSID ]] && err="ESSID not set"
258	[[ -z $IF_WIRELESS_MODE ]] && err="Operation mode not set"
259	[[ $IF_WIRELESS_SECURITY = 8021x && -z $IF_WIRELESS_RADIUS_IPADDR &&\
260	$IF_WIRELESS_AUTHORIZATION != wep ]] && \
261	err="Radius server address not set"
262
263	if [[ -n $err ]]; then
264	mstate 1
265	merr $err
266	return 1
267	fi
268
269
270	# kill old nas process
271	thepid=
272	[[ -e /var/run/nas.watch.pid ]] && thepid=$(</var/run/nas.watch.pid)
273	if [[ -n $thepid && -d /proc/$thepid ]]; then
274	kill -USR1 $thepid
275	sleep 1
276	kill $thepid
277	sleep 1
278	kill -9 $thepid
279	fi
280	killall nas
281
282
283	### init driver ###
284	#
285	init_debug wl radio on
286	init_debug wl infra 1
287	init_debug wl monitor 0
288	init_debug wl macmode 0
289	init_debug wl mac none
290	init_debug wl lazywds 0
291
292	# set operation mode
293	case $IF_WIRELESS_MODE in
294	sta)
295	nas_auth="-S "
296	init_debug wl ap 0
297	bridged_mode && init_debug wl wet 1
298	;;
299	ap)
300	nas_auth="-A "
301	init_debug wl ap 1
302	;;
303	wds)
304	[[ -z $IF_WIRELESS_WDS ]] && return 1
305	# TODO: messages
306	init_debug wl ap 1
307	;;
308	adhoc)
309	init_debug wl ap 0
310	init_debug wl infra 0
311	init_debug wl join $IF_WIRELESS_SSID imode ibss
312	;;
313	monitor)
314	init_debug wl ap 0
315	init_debug wl monitor 1
316	;;
317	*)
318	mstate 1
319	merr "Unknown operation mode $IF_WIRELESS_MODE"
320	return 1
321	;;
322	esac
323
324	case $IF_WIRELESS_ENCRYPTION in
325	wep)
326	wsec=1
327	;;
328	tkip)
329	wsec=2
330	;;
331	aes)
332	wsec=4
333	;;
334	aes+tkip)
335	wsec=6
336	;;
337	esac
338
339	# set country
340	[[ -n $IF_WIRELESS_COUNTRY ]] && init_debug wl country $IF_WIRELESS_COUNTRY
341
342	# set gmode
343	[[ -n $IF_WIRELESS_GMODE ]] && init_debug wl gmode $IF_WIRELESS_GMODE
344
345	# set isolate mode
346	[[ -n $IF_WIRELESS_ISOLATE ]] && init_debug wl ap_isolate \
347	$IF_WIRELESS_ISOLATE
348
349	# set macmode mode
350	[[ -n $IF_WIRELESS_MACMODE ]] && init_debug wl macmode $IF_WIRELESS_MACMODE
351
352	# set MAC addresses
353	[[ -n $IF_WIRELESS_MAC ]] && init_debug wl mac $IF_WIRELESS_MAC
354
355	# set WLAN channel
356	[[ -n $IF_WIRELESS_CHANNEL ]] && init_debug wl channel $IF_WIRELESS_CHANNEL
357
358	# set frameburst
359	[[ -n $IF_WIRELESS_FRAMEBURST ]] && init_debug wl frameburst \
360	$IF_WIRELESS_FRAMEBURST
361
362	# set afterburner
363	# remove this because command afterburner_override seems to be nonexistent for now
364	#[[ -n $IF_WIRELESS_AFTERBURNER ]] && init_debug wl afterburner_override \
365	# $IF_WIRELESS_AFTERBURNER
366
367	gtk_rekey=${IF_WIRELESS_WPA_GTK_REKEY:-3600}
368	gtk_rekey=${gtk_rekey#0}
369
370	case $IF_WIRELESS_SECURITY in
371	none)
372	security_none
373	;;
374	wep)
375	security_wep
376	;;
377	wpa-psk)
378	security_wpapsk
379	;;
380	8021x)
381	security_8021x
382	;;
383	*)
384	# no fallback
385	mstate 1
386	merr "Wireless security not set"
387	return 1
388	;;
389	esac
390
391	init_debug wl ssid $IF_WIRELESS_SSID
392	init_debug wl wsec $wsec
393	init_debug wl up
394	mstate 0
395
396	[[ -z $PARENT_IFACE_TYPE ]] && is_up ${BRIDGE_IFACE:="FOO"} \|\| return 0
397
398	[[ -f /tmp/ifupdown/pcode/${BRIDGE_IFACE}/${IFACE}/postup ]] && \
399	. /tmp/ifupdown/pcode/${BRIDGE_IFACE}/${IFACE}/postup
400	}
401
402	if_down() {
403	mdestroy
404	init_debug wl mac none
405	init_debug wl radio off
406	init_debug wl down
407
408	thepid=
409	[[ -e /var/run/nas.watch.pid ]] && thepid=$(</var/run/nas.watch.pid)
410	if [[ -n $thepid && -d /proc/$thepid ]]; then
411	kill -USR1 $thepid
412	sleep 1
413	kill $thepid
414	sleep 1
415	kill -9 $thepid
416	fi
417	killall nas
418
419	mstate 0
420	return
421	}
422
423	# vim:ts=4