Add hostapd.conf.5 man file, with content borrowed from NetBSD
This commit is contained in:
parent
d43dbfdc3d
commit
98c3ed927a
127
hostapd.conf.5
Normal file
127
hostapd.conf.5
Normal file
@ -0,0 +1,127 @@
|
|||||||
|
.\" Manpage for hostapd.conf.
|
||||||
|
.\" Original scrape of https://www.daemon-systems.org/man/hostapd.conf.5.html
|
||||||
|
.\" Contact linville@redhat.com to correct errors or typos.
|
||||||
|
.TH hostapd.conf 5 "10 Feb 2021" "1.0" "hostapd.conf man page"
|
||||||
|
.SH NAME
|
||||||
|
hostapd.conf \- configuration file for hostapd(8) utility
|
||||||
|
.SH DESCRIPTION
|
||||||
|
The hostapd.conf utility is an authenticator for IEEE 802.11 networks.
|
||||||
|
It provides full support for WPA/IEEE 802.11i and can also act as an IEEE
|
||||||
|
802.1X Authenticator with a suitable backend Authentication Server
|
||||||
|
(typically FreeRADIUS).
|
||||||
|
The configuration file consists of global parameters and domain specific
|
||||||
|
configuration:
|
||||||
|
.P
|
||||||
|
\(bu IEEE 802.1X-2004
|
||||||
|
.P
|
||||||
|
\(bu RADIUS client
|
||||||
|
.P
|
||||||
|
\(bu RADIUS authentication server
|
||||||
|
.P
|
||||||
|
\(bu WPA/IEEE 802.11i
|
||||||
|
.SH GLOBAL PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS interface
|
||||||
|
Interface name. Should be set in "hostap" mode.
|
||||||
|
.SS debug
|
||||||
|
Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
|
||||||
|
4 = excessive.
|
||||||
|
.SS dump_file
|
||||||
|
Dump file for state information (on SIGUSR1).
|
||||||
|
.SS ctrl_interface
|
||||||
|
The pathname of the directory in which hostapd(8) creates UNIX
|
||||||
|
domain socket files for communication with frontend programs such
|
||||||
|
as hostapd_cli(8).
|
||||||
|
.SS ctrl_interface_group
|
||||||
|
A group name or group ID to use in setting protection on the
|
||||||
|
control interface file. This can be set to allow non-root users
|
||||||
|
to access the control interface files. If no group is specified,
|
||||||
|
the group ID of the control interface is not modified and will,
|
||||||
|
typically, be the group ID of the directory in which the socket
|
||||||
|
is created.
|
||||||
|
.SH IEEE 802.1X-2004 PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS ieee8021x
|
||||||
|
Require IEEE 802.1X authorization.
|
||||||
|
.SS eap_message
|
||||||
|
Optional displayable message sent with EAP Request-Identity.
|
||||||
|
.SS wep_key_len_broadcast
|
||||||
|
Key lengths for broadcast keys.
|
||||||
|
.SS wep_key_len_unicast
|
||||||
|
Key lengths for unicast keys.
|
||||||
|
.SS wep_rekey_period
|
||||||
|
Rekeying period in seconds.
|
||||||
|
.SS eapol_key_index_workaround
|
||||||
|
EAPOL-Key index workaround (set bit7) for WinXP Supplicant.
|
||||||
|
.SS eap_reauth_period
|
||||||
|
EAP reauthentication period in seconds. To disable
|
||||||
|
reauthentication, use "0".
|
||||||
|
.SH RADIUS CLIENT PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS own_ip_addr
|
||||||
|
The own IP address of the access point (used as NAS-IP-Address).
|
||||||
|
.SS nas_identifier
|
||||||
|
Optional NAS-Identifier string for RADIUS messages.
|
||||||
|
.SS auth_server_addr, auth_server_port, auth_server_shared_secret
|
||||||
|
RADIUS authentication server parameters. Can be defined twice
|
||||||
|
for secondary servers to be used if primary one does not reply to
|
||||||
|
RADIUS packets.
|
||||||
|
.SS acct_server_addr, acct_server_port, acct_server_shared_secret
|
||||||
|
RADIUS accounting server parameters. Can be defined twice for
|
||||||
|
secondary servers to be used if primary one does not reply to
|
||||||
|
RADIUS packets.
|
||||||
|
.SS radius_retry_primary_interval
|
||||||
|
Retry interval for trying to return to the primary RADIUS server
|
||||||
|
(in seconds).
|
||||||
|
.SS radius_acct_interim_interval
|
||||||
|
Interim accounting update interval. If this is set (larger than
|
||||||
|
0) and acct_server is configured, hostapd(8) will send interim
|
||||||
|
accounting updates every N seconds.
|
||||||
|
.SH RADIUS AUTHENTICATION SERVER PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS radius_server_clients
|
||||||
|
File name of the RADIUS clients configuration for the RADIUS
|
||||||
|
server. If this is commented out, RADIUS server is disabled.
|
||||||
|
.SS radius_server_auth_port
|
||||||
|
The UDP port number for the RADIUS authentication server.
|
||||||
|
.SS radius_server_ipv6
|
||||||
|
Use IPv6 with RADIUS server.
|
||||||
|
.SH WPA/IEEE 802.11i PARAMETERS
|
||||||
|
The following parameters are recognized:
|
||||||
|
.SS wpa
|
||||||
|
Enable WPA. Setting this variable configures the AP to require
|
||||||
|
WPA (either WPA-PSK or WPA-RADIUS/EAP based on other
|
||||||
|
configuration).
|
||||||
|
.SS wpa_psk, wpa_passphrase
|
||||||
|
WPA pre-shared keys for WPA-PSK. This can be either entered as a
|
||||||
|
256-bit secret in hex format (64 hex digits), wpa_psk, or as an
|
||||||
|
ASCII passphrase (8..63 characters) that will be converted to
|
||||||
|
PSK. This conversion uses SSID so the PSK changes when ASCII
|
||||||
|
passphrase is used and the SSID is changed.
|
||||||
|
.SS wpa_psk_file
|
||||||
|
Optionally, WPA PSKs can be read from a separate text file
|
||||||
|
(containing a list of (PSK,MAC address) pairs.
|
||||||
|
.SS wpa_key_mgmt
|
||||||
|
Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or
|
||||||
|
both).
|
||||||
|
.SS wpa_pairwise
|
||||||
|
Set of accepted cipher suites (encryption algorithms) for
|
||||||
|
pairwise keys (unicast packets). See the example file for more
|
||||||
|
information.
|
||||||
|
.SS wpa_group_rekey
|
||||||
|
Time interval for rekeying GTK (broadcast/multicast encryption
|
||||||
|
keys) in seconds.
|
||||||
|
.SS wpa_strict_rekey
|
||||||
|
Rekey GTK when any STA that possesses the current GTK is leaving
|
||||||
|
the BSS.
|
||||||
|
.SS wpa_gmk_rekey
|
||||||
|
Time interval for rekeying GMK (master key used internally to
|
||||||
|
generate GTKs (in seconds).
|
||||||
|
.SH SEE ALSO
|
||||||
|
hostapd(8), hostapd_cli(8), /usr/share/examples/hostapd/hostapd.conf
|
||||||
|
.SH HISTORY
|
||||||
|
The hostapd.conf manual page and hostapd(8) functionality first appeared
|
||||||
|
in NetBSD 4.0.
|
||||||
|
.SH AUTHORS
|
||||||
|
This manual page is derived from the README and hostapd.conf files in the
|
||||||
|
hostapd distribution provided by Jouni Malinen <jkmaline@cc.hut.fi>.
|
18
hostapd.spec
18
hostapd.spec
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
Name: hostapd
|
Name: hostapd
|
||||||
Version: 2.9
|
Version: 2.9
|
||||||
Release: 7%{?dist}
|
Release: 8%{?dist}
|
||||||
Summary: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
|
Summary: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
|
||||||
License: BSD
|
License: BSD
|
||||||
URL: http://w1.fi/hostapd
|
URL: http://w1.fi/hostapd
|
||||||
@ -10,8 +10,9 @@ URL: http://w1.fi/hostapd
|
|||||||
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
|
Source0: http://w1.fi/releases/%{name}-%{version}.tar.gz
|
||||||
Source1: %{name}.service
|
Source1: %{name}.service
|
||||||
Source2: %{name}.conf
|
Source2: %{name}.conf
|
||||||
Source3: %{name}.sysconfig
|
Source3: %{name}.conf.5
|
||||||
Source4: %{name}.init
|
Source4: %{name}.sysconfig
|
||||||
|
Source5: %{name}.init
|
||||||
|
|
||||||
# https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt
|
# https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt
|
||||||
Patch1: https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
|
Patch1: https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
|
||||||
@ -101,7 +102,7 @@ install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
|||||||
%else
|
%else
|
||||||
|
|
||||||
# Initscripts
|
# Initscripts
|
||||||
install -p -m 755 -D %{SOURCE4} %{buildroot}%{_initrddir}/%{name}
|
install -p -m 755 -D %{SOURCE5} %{buildroot}%{_initrddir}/%{name}
|
||||||
|
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -118,7 +119,7 @@ install -d %{buildroot}/%{_sysconfdir}/%{name}
|
|||||||
install -pm 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}
|
install -pm 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}
|
||||||
|
|
||||||
install -d %{buildroot}/%{_sysconfdir}/sysconfig
|
install -d %{buildroot}/%{_sysconfdir}/sysconfig
|
||||||
install -pm 0644 %{SOURCE3} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}
|
install -pm 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}
|
||||||
|
|
||||||
# binaries
|
# binaries
|
||||||
install -d %{buildroot}/%{_sbindir}
|
install -d %{buildroot}/%{_sbindir}
|
||||||
@ -126,8 +127,9 @@ install -pm 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name}
|
|||||||
install -pm 0755 %{name}/%{name}_cli %{buildroot}%{_sbindir}/%{name}_cli
|
install -pm 0755 %{name}/%{name}_cli %{buildroot}%{_sbindir}/%{name}_cli
|
||||||
|
|
||||||
# man pages
|
# man pages
|
||||||
install -d %{buildroot}%{_mandir}/man{1,8}
|
install -d %{buildroot}%{_mandir}/man{1,5,8}
|
||||||
install -pm 0644 %{name}/%{name}_cli.1 %{buildroot}%{_mandir}/man1
|
install -pm 0644 %{name}/%{name}_cli.1 %{buildroot}%{_mandir}/man1
|
||||||
|
install -pm 0644 %{SOURCE3} %{buildroot}%{_mandir}/man5
|
||||||
install -pm 0644 %{name}/%{name}.8 %{buildroot}%{_mandir}/man8
|
install -pm 0644 %{name}/%{name}.8 %{buildroot}%{_mandir}/man8
|
||||||
|
|
||||||
# prepare docs
|
# prepare docs
|
||||||
@ -179,6 +181,7 @@ fi
|
|||||||
%{_sbindir}/%{name}_cli
|
%{_sbindir}/%{name}_cli
|
||||||
%dir %{_sysconfdir}/%{name}
|
%dir %{_sysconfdir}/%{name}
|
||||||
%{_mandir}/man1/*
|
%{_mandir}/man1/*
|
||||||
|
%{_mandir}/man5/*
|
||||||
%{_mandir}/man8/*
|
%{_mandir}/man8/*
|
||||||
%if 0%{?fedora} || 0%{?rhel} >= 7
|
%if 0%{?fedora} || 0%{?rhel} >= 7
|
||||||
%{_unitdir}/%{name}.service
|
%{_unitdir}/%{name}.service
|
||||||
@ -192,6 +195,9 @@ fi
|
|||||||
%{_sysconfdir}/logwatch/scripts/services/%{name}
|
%{_sysconfdir}/logwatch/scripts/services/%{name}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 10 2020 Johwn W. Linville <linville@redhat.com> - 2.9-8
|
||||||
|
- Add hostapd.conf.5 man file, with content borrowed from NetBSD
|
||||||
|
|
||||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-7
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-7
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user