
This is an old revision of the document!


Main Slack page

Linux Networking Tips

Internet Connection

Wired with DSL Router

The DSL router usually sets up the internet connection with PPPoE. This means that on your computer you just have to enable DHCP with netconfig. That's all.

With WLAN PC-Card and DSL Router

This section is compiled mainly from the Linux Wireless LAN Howto, Edafe Knabe and a helpful tutorial from www.SlackForum.de.

Boundary conditions

  • OS: Slack 12.0
  • A WLAN PC-Card is used as network interface card (NIC). For linux compatible cards see this list or look at the overview for other lists.
  • No WLAN PC-Card is inserted, no internal WLAN card is present (or no appropriate kernel module for internal card is loaded)
  • ifconfig -a at most shows your wired ethernet card (eth0) and your loopback (lo)
  • iwconfig says:
lo    no wireless extensions
eth0  no wireless extensions

Setup

  • Type tail -f /var/log/messages and insert the WLAN PC-Card (I used a "D-Link Air DCF-660W"). Some messages from /etc/rc.d/rc.inet1 should appear. Additionally, pccardctl ident gives information about the inserted card.
  • iwconfig should now reveal the name of the new wireless network interface card (NIC), typically eth1 or eth2. (I'll use eth1 as an example here.)
  • You can use iwlist scan to look for access points in range.
  • Do the basic network configuration with netconfig. The easiest way is to enable DHCP and let your router do all network settings.
  • netconfig can only set eth0, so open /etc/rc.d/rc.inet1.conf and move the settings of eth0 to your wireless interface. In the following example netconfig was told to just use DHCP and the wireless NIC is eth1:

Before:

# Config information for eth0:
IPADDR[0]=""
NETMASK[0]=""
USE_DHCP[0]="yes"
DHCP_HOSTNAME[0]=""
 
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]=""
DHCP_HOSTNAME[1]=""

After:

# Config information for eth0:
IPADDR[0]=""
NETMASK[0]=""
USE_DHCP[0]=""
DHCP_HOSTNAME[0]=""
 
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""
  • Set your DSL router to WEP security and auto channel selection. This can usually be done through a wired connection to the router and its browser interface.
  • Remember the ESSID and KEY entries of your DSL router.
  • Add ESSID and KEY to the wireless NIC section in /etc/rc.d/rc.inet1.conf. Example:
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""
WLAN_ESSID[1]="Your ESSID here"           # <- Add and edit this line
WLAN_KEY[1]="Your (hexadecimal) key here" # <- Add and edit this line

Notes:

  • Optionally use my sbreconfig script for easily switching between wired and wireless connection settings.
  • According to slackbook.org it is necessary to edit /etc/rc.d/rc.wireless.conf. This is not necessary any more. However, /etc/rc.d/rc.wireless must remain executable (tested).

Use WPA instead of WEP security

The basic setup is the same as in With WLAN PC-Card and DSL Router above. The more secure WPA requires the following steps:

  • Set your DSL router to WPA security. (Use a wired connection for this in case something goes wrong.)
  • Open /etc/rc.d/rc.inet1.conf and append the following WLAN_xxx entries to your wireless NIC section. (Remove the WLAN_ESSID and WLAN_KEY entries if you used WEP before.) Example:
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""
WLAN_MODE[1]="Managed"        # <- Add this line
WLAN_WPA[1]="wpa_supplicant"  # <- Add this line
WLAN_WPADRIVER[1]="wext"      # <- Add this line
  • Reduce /etc/wpa_supplicant.conf to the following entries. Important: The psk key has to be specified in double quotes!
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
 
network={
  scan_ssid=0
  ssid="your SSID here" # <- edit!
  proto=WPA
  key_mgmt=WPA-PSK
  pairwise=CCMP TKIP
  group=CCMP TKIP WEP104 WEP40
  psk="your (hexadecimal) key here"  # <- edit! Use double quotes!
}
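
An added example, not part of the original page: wpa_supplicant reads a double-quoted psk as an ASCII passphrase of 8 to 63 characters and accepts a raw 256-bit key only as 64 hex digits without quotes, and the block above still permits WPA1, TKIP and WEP group ciphers. The script below flags these points and open key_mgmt=NONE networks; audit_wpa_conf, sample_conf and the SSIDs and key in the sample are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original page: audit the network={} blocks of a
# wpa_supplicant.conf (file arguments or stdin), one finding per line.
# Simplification: a "#" preceded by whitespace always starts a comment.
audit_wpa_conf() {
  awk '
    function note(msg) { f[++n] = msg }
    { sub(/[ \t]+#.*$/, ""); sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }
    $0 == "network={" { inblk = 1; ssid = "(no ssid)"; n = 0; next }
    inblk && $0 == "}" { for (i = 1; i <= n; i++) print ssid ": " f[i]; inblk = 0; next }
    !inblk || /^#/ || index($0, "=") == 0 { next }
    { eq = index($0, "="); key = substr($0, 1, eq - 1); val = substr($0, eq + 1) }
    key == "ssid" { ssid = val; gsub(/"/, "", ssid) }
    key == "key_mgmt" && val == "NONE" { note("key_mgmt=NONE: no WPA (open or static WEP)") }
    key == "proto" && val !~ /RSN|WPA2/ { note("proto=" val ": WPA1 only, add RSN for WPA2") }
    (key == "pairwise" || key == "group") && val ~ /TKIP|WEP/ {
      note(key "=" val ": allows legacy TKIP/WEP ciphers")
    }
    key == "psk" {
      inner = val; sub(/^"/, "", inner); sub(/"$/, "", inner)
      hex64 = (length(inner) == 64 && inner ~ /^[0-9A-Fa-f]+$/)
      if (val ~ /^".*"$/) {
        if (hex64) note("psk: 64 hex digits must be written without quotes")
        else if (length(inner) < 8 || length(inner) > 63)
          note("psk: quoted passphrase must be 8..63 characters")
      } else if (!hex64) note("psk: unquoted value must be 64 hex digits")
    }
  ' "$@"
}

# Constructed sample: the two network blocks from this page, with a made-up
# 64-digit hex key placed inside double quotes.
sample_conf() {
  cat <<'EOF'
network={
  ssid="home"   # constructed SSID
  proto=WPA
  key_mgmt=WPA-PSK
  pairwise=CCMP TKIP
  group=CCMP TKIP WEP104 WEP40
  psk="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
}
network={
  ssid="hotel"  # constructed SSID
  key_mgmt=NONE
}
EOF
}
sample_conf | audit_wpa_conf
```

Run it against the real file with audit_wpa_conf /etc/wpa_supplicant.conf; no output means none of these checks fired.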

Access to public WLANs

ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1
 
# Plaintext connection (no WPA, no IEEE 802.1X),
# nice for hotel/airport types of WiFi network.
network={
  ssid="any"    # <=replace with correct SSID you got from 'iwlist scan'!
  key_mgmt=NONE
  priority=2
}

FIXME Slack 12.1 provides this template:

network={
  key_mgmt=NONE
  priority=0
}

FIXME Test this in a public WLAN:

  • Will omitting the ESSID work at all?
  • What if more than one SSID is available?
  • Does it work also with default /etc/wpa_supplicant.conf (where the entry for a WPA protected network is also present)?

FIXME The configuration of rc.inet1.conf below (where /etc/wpa_supplicant.conf is not used at all) also works for an unencrypted SOHO router. Test this in a public WLAN!

# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""
WLAN_ESSID[1]="Your ESSID here" # <- Add this line and fill in your ESSID
WLAN_KEY[1]="off"               # <- Add but DO NOT edit this line

Use a builtin Centrino 3945ABG Wlan Card

FIXME As of Slack 12.1 the Intel 3945 wireless firmware is already included (Package iwlwifi-3945-ucode). Thus the rest of this chapter seems to be obsolete. In order to get iwlist scan to work, on Slack 12.2 in my case it was necessary to remove and add again the appropriate kernel module iwl3945 with the modprobe command.

This is tested on a HP Compaq 6710b Laptop running Slack 12.0 with an Intel PRO/Wireless 3945ABG Network Connection Card. The card type can be determined by looking in the output of lspci -v command.

According to hardware4linux.info, Slackware 12 includes the driver (along with instructions by Pat on how to set it up) under /extra.

Installation

The following installation steps are compiled mainly from slackware-12.0/extra/intel-wlan-ipw3945/README_Slackware.TXT and slackware-12.0/extra/intel-wlan-ipw3945/INSTALL for a Slack 12.0 32-bit system. I kept records of the individual steps in the form of a shell script. However, for better control, I would recommend issuing the individual commands manually:

url='http://ftp.gwdg.de/pub/linux/slackware/slackware-12.0/extra/intel-wlan-ipw3945/'
module='ipw3945-1.2.1'
ucode='ipw3945-ucode-1.14.2'
daemon='ipw3945d-1.7.22'
 
# Download Sources
#  (Downloading the ieee80211-subsystem is not necessary
#  It is already included in Slack package kernel-modules-smp-2.6.21.5_smp-i686-2 on your system)
wget $url/kernel-module/$module.tar.gz $url/microcode/$ucode.tgz $url/regulatory-daemon/$daemon.tgz
 
# Build kernelmodule ipw3945.ko:
tar -xzf $module.tar.gz
cd $module
make
 
# Install ipw3945.ko to /lib/modules/2.6.21.5-smp/kernel/drivers/net/wireless/
# (su -c runs just this one command as root and asks for the root password)
su -c 'make install'
cd ..
 
# Install the microcode (as root):
tar -xzf $ucode.tgz
su -c "cp $ucode/ipw3945.ucode /lib/firmware"
 
# Install the regulatory daemon (as root):
tar -xzf $daemon.tgz
su -c "cp $daemon/x86/ipw3945d /sbin"

Test

  • First look for a (usually blue) wireless button/LED on your laptop and switch it on. On my HP Compaq 6710b the test failed without that step.
  • Become root
  • Run iwconfig. It should say something like
lo        no wireless extensions.
eth0      no wireless extensions.
  • Run ipw3945-1.2.1/load
  • Run iwconfig again. You should now have a new ethernet device eth1 or eth2

System Configuration

Note: Adding the command /sbin/modprobe ipw3945 to /etc/rc.d/rc.modules or /etc/rc.d/rc.netdevice, as PV recommends in slackware-12.0/extra/intel-wlan-ipw3945/README_Slackware.TXT, was not necessary for me, because KMOD or hotplug obviously loads ipw3945 and its dependencies automatically.

Append the following lines to /etc/rc.d/rc.local:

# Start Regulatory Daemon for Intel PRO/Wireless 3945ABG Network Connection:
/sbin/ipw3945d

After a reboot you should have your wireless ethernet device available (check again with iwconfig).

Now you can continue with the configuration as described above in With WLAN PC-Card and DSL Router → Setup.

With Dsl Modem

Backup:

cp -a /etc/ppp /etc/ppp.org
cp /etc/resolv.conf /etc/resolv.conf.org

Setup command (as root): pppoe-setup (called adsl-setup up to Slack 10.0):

PPPoE user name:    frn6/stbeckert # Freenet
Ethernet Interface: eth0
Activate-on-demand: 180            # yes; idle timeout = 180 seconds
DNS addresses:      server         # Supplied by ISP's server
PPPoE password:     ?              # Provided by ISP
Firewalling:        0              # = NONE : No firewall

The settings can still be changed afterwards in /etc/ppp/pppoe.conf.

Put pppoe-start into rc.local

On the first connection there is no resolv.conf, so a ping to e.g. web.de won't start the on-demand connection. Ping an IP address instead, e.g. 217.72.195

With analog Modem

  • ISP example: knuut
  • FIXME Doc pppsetup with usepeerdns demand debug

To add another ISP later, add username & password to /etc/ppp/pap-secrets (or chap-secrets):

# Username      Server      Password      IP addresses
"knUUt"     *   "knUUt"
"smart91"   *   "surfen"
"avisgo"    *   "avisgo"

Then adjust the phone number of the ISP in /etc/ppp/pppscript at the line OK atdtXXXXXX

And finally change the name entry in /etc/ppp/options or options.demand to the username provided by the ISP, e.g.: name "knUUt"

Firewall setup

Create /etc/rc.d/rc.firewall and make it executable. rc.firewall will then be called automatically by rc.inet2 (which is called by rc.M, which is usually called at boot time).

#!/bin/sh
# Information sources:
#   [1] Masquerading-Simple-HOWTO
#   [2] man iptables
 
ODEV=ppp0
 
# LOAD KERNEL MODULES
# Loading ipt_MASQUERADE also loads ip_tables, ip_conntrack and iptable_nat. [1]
# If the kernel is configured with automatic module loading, an attempt will be
# made to load the appropriate module for that table [2]
#modprobe ipt_MASQUERADE
 
 
# FLUSH IPTABLES (empty chains, does not reset the policy)
iptables -F			# -t filter is the default
iptables -t nat -F
iptables -t mangle -F
 
 
# FIREWALL:
# allow any existing connections, or anything related (e.g. ftp server
# connecting back to you)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
# allow new connections only from our intranet (localhost / internal network).
# The ! $ODEV means anything but the external device (important also for loopback)
iptables -A INPUT -m state --state NEW -i ! $ODEV -j ACCEPT
 
# Default policy: deny everything else:
iptables -P INPUT DROP
 
# necessary ???
# Check whether the output of iptables -L differs with and without this
# command:
iptables -A FORWARD -i $ODEV -o $ODEV -j REJECT
 
 
# MASQUERADING
# In the NAT table (-t nat), append (-A) a rule after routing (POSTROUTING)
# for all packets leaving through the internet device (-o) that are to be
# masqueraded.
iptables -t nat -A POSTROUTING -o $ODEV -j MASQUERADE
 
 
# Definitions:
#   There are 3 tables: filter (default), nat, mangle
#   A table contains chains (built in or user defined)
#   A chain is a list of rules and a policy
#   A rule specifies packet criteria and a target
#   A target can be ACCEPT, DROP, user-defined chain, MASQUERADE, REJECT, ...
#
# General: (simplified)
#   The first rule in the chain with matching packet criteria sends the packet to its rule-target.
#   If the end of a built-in chain is reached because no rule matched, the chain policy decides what happens to the packet.
#
# Overview:
#   Table:
#     Chain:
#   filter
#     INPUT       packets coming into the box itself
#     FORWARD     packets being routed through the box
#     OUTPUT      locally-generated packets
#   nat
#     PREROUTING  altering packets as soon as they come in
#     OUTPUT      altering locally-generated packets before routing
#     POSTROUTING altering packets as they are about to go out
#   mangle
#     ...
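
An added example, not part of the original rc.firewall: the script sets only the INPUT policy, and iptables -F does not reset policies, so FORWARD keeps whatever policy it had (ACCEPT by default). The check below reads iptables -S output and reports that, plus any INPUT rule that would accept new connections on the external device; audit_filter_rules and page_rules are hypothetical names and the rule listing is constructed.

```sh
#!/bin/sh
# Added example, not from the original page: check `iptables -S` output
# (filter table, read from stdin) against what rc.firewall intends.
# $1 is the external device (ppp0 on this page).
audit_filter_rules() {
  awk -v odev="$1" '
    $1 == "-P" { policy[$2] = $3; next }
    $1 == "-A" && $2 == "INPUT" && / -j ACCEPT/ {
      iface = ""; neg = 0; state = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-i") { iface = $(i + 1); neg = ($(i - 1) == "!") }
        if ($i == "--state" || $i == "--ctstate") state = $(i + 1)
      }
      # The rule cannot match odev if it names another device or says "! -i odev".
      if (iface == "") skip = 0
      else if (neg) skip = (iface == odev)
      else skip = (iface != odev)
      if (!skip && (state == "" || state ~ /NEW/))
        print "INPUT accepts new connections on " odev ": " $0
    }
    END {
      if (policy["INPUT"] != "DROP") print "INPUT policy is " policy["INPUT"] ", not DROP"
      if (policy["FORWARD"] != "DROP")
        print "FORWARD policy is " policy["FORWARD"] ": routed packets matching no rule pass"
    }
  '
}

# Constructed `iptables -S` output for the rules rc.firewall loads, assuming
# the FORWARD and OUTPUT policies are still at the kernel default (ACCEPT).
page_rules() {
  cat <<'EOF'
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i ppp0 -m state --state NEW -j ACCEPT
-A FORWARD -i ppp0 -o ppp0 -j REJECT --reject-with icmp-port-unreachable
EOF
}

page_rules | audit_filter_rules ppp0
```

On a live system, run iptables -S | audit_filter_rules ppp0 as root after rc.firewall has been executed.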

FIXME Check, if this is the same as in my old homepage

becki/linux/network_tips.1241710874.txt.gz · Last modified: 2009-05-07 15:41 by becki
