Setting Up an OpenBSD Access Point

OpenBSD introduced HostAP-mode functionality in Version 3.1. As with FreeBSD, the support comes native in the core operating system and not through a piece of third-party software. The FreeBSD and OpenBSD projects share a great deal of wireless code, and the HostAP functionality is no exception. Generally, the same capabilities that exist in FreeBSD exist in OpenBSD as well.

When setting up an OpenBSD access point, you should start out with a stripped-down and secured kernel. For a discussion on compiling a locked-down OpenBSD kernel, see Section 6.2. There should be little difference between a client kernel and an access-point kernel. Both devices are in vulnerable locations on the network and should be treated the same.

At this time, HostAP mode is only available on Prism-based cards. Be sure you are using a Prism card and that you have the Prism driver (wi) compiled into your kernel. This section describes how to make a bridging access point. This will allow devices on the wired and wireless side of the access point to be in the same broadcast domain. Most firmware-based access points work this way and provide flexibility in your network configuration. You must compile bridging support into your kernel by adding the following line to your global configuration file:

pseudo-device    bridge    2     #network bridging support

The number following the bridge device indicates the number of possible bridges the host will be able to configure. For a standard ...

Get 802.11 Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.