Chapter 7 Demonstrating the PAN on a Linux system

The new model - Network Access Point Group Network

7.1 Demonstration

Software: All machines run Red Hat Linux 8.0.

Hardware list: two laptops, one PC and three Bluetooth USB adaptors. The Sony Pentium III laptop uses a MITSUMI Bluetooth USB adaptor, the Acer Pentium II laptop uses a TDK Bluetooth USB adaptor, and the Pentium IV PC uses a MITSUMI Bluetooth USB adaptor.

Apache (web server): the GN Sony laptop (ENOCHOME) is set up as the Apache server.

IP assignment: the GN laptop is assigned inet IP 10.0.0.1;

        Client 1 (PC) is assigned inet IP 10.0.0.4;

        Client 2 (Acer laptop) is assigned inet IP 10.0.0.2.

7.2 Master_GN (Sony Laptop)

7.2.1 Terminal dump

(For an explanation of the bridge (br0) configuration, see 6.12.)

[root@ENOCHOME root]# brctl addbr br0

[root@ENOCHOME root]# ifconfig br0 10.0.0.1

[root@ENOCHOME root]# brctl setfd br0 0

[root@ENOCHOME root]# brctl stp br0 disable

Explain: initialise the GN (Group Ad-hoc Network); affix_pan.o should be loaded automatically

[root@ENOCHOME root]# btctl paninit gn bt0

Explain: The bridge port 'pan0' has been created on the GN

[root@ENOCHOME root]# brctl addif br0 pan0

[root@ENOCHOME root]# ifconfig pan0 0.0.0.0

[root@ENOCHOME root]# btctl role allow master

[root@ENOCHOME root]# brctl show

bridge name     bridge id               STP enabled     interfaces

br0             8000.00a096203e26       no              pan0

Explain: check your routes and iptables (use ifconfig, route and iptables -t nat -L):

[root@ENOCHOME root]# ifconfig

br0      Link encap:Ethernet  HWaddr 00:A0:96:20:3E:26

          inet addr:10.0.0.1  Bcast:10.255.255.255  Mask:255.0.0.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:43 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:6105 (5.9 Kb)

bt0       Link encap:UNSPEC  HWaddr 00-A0-96-20-3E-26-00-00-00-00-00-00-00-00-00-00

          UP RUNNING  MTU:1500  Metric:1

          RX packets:28 errors:0 dropped:0 overruns:0 frame:0

          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:10

          RX bytes:266 (266.0 b)  TX bytes:638 (638.0 b)

eth0      Link encap:Ethernet  HWaddr 08:00:46:4E:0D:94

          inet addr:210.0.165.230  Bcast:210.0.165.255  Mask:255.255.255.192

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:778 errors:0 dropped:0 overruns:0 frame:0

          TX packets:230 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:100

          RX bytes:55951 (54.6 Kb)  TX bytes:28530 (27.8 Kb)

          Interrupt:9 Base address:0x2000

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:72 errors:0 dropped:0 overruns:0 frame:0

          TX packets:72 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:4682 (4.5 Kb)  TX bytes:4682 (4.5 Kb)

pan0     Link encap:Ethernet  HWaddr 00:A0:96:20:3E:26

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:25

          RX bytes:0 (0.0 b)  TX bytes:3140 (3.0 Kb)

[root@ENOCHOME root]# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

210.0.165.192   *               255.255.255.192 U     0      0        0 eth0

10.0.0.0        *               255.0.0.0       U     0      0        0 br0

127.0.0.0       *               255.0.0.0       U     0      0        0 lo

default         210.0.165.193   0.0.0.0         UG    0      0        0 eth0

[root@ENOCHOME root]# brctl show

bridge name     bridge id               STP enabled     interfaces

br0             8000.00a096203e26       no              pan0

[root@ENOCHOME root]# brctl showmacs br0

port no mac addr                is local?       ageing timer

  1     00:a0:96:20:3e:26       yes                0.00

NAT table

[root@ENOCHOME root]# iptables -t nat -L

Chain PREROUTING (policy ACCEPT)

target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)

target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

Explain: set up Network Address Translation (NAT) for all packets leaving eth0

[root@ENOCHOME root]# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Explain: enable IP forwarding

[root@ENOCHOME root]# echo 1 > /proc/sys/net/ipv4/ip_forward

Explain: check that the POSTROUTING chain now lists the MASQUERADE rule (source and destination shown as anywhere)

[root@ENOCHOME root]# iptables -t nat -L

Chain PREROUTING (policy ACCEPT)

target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)

target     prot opt source               destination

MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination
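
A tighter variant of the gateway rules above, as an added example that is not part of the original report. It keeps the report's interface names (br0, eth0) and PAN addressing (10.0.0.1, mask 255.0.0.0), limits masquerading to PAN sources and adds FORWARD rules, which the report does not show; the FORWARD rules and the run helper are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the report): stricter NAT/forwarding rules for the GN.
PAN_IF=br0          # bridge that holds pan0 (from the dump above)
WAN_IF=eth0         # uplink interface (from the dump above)
PAN_NET=10.0.0.0/8  # br0 is 10.0.0.1 with mask 255.0.0.0

# run (helper of this example): print a command, execute it only if APPLY=1.
run() {
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

gn_rules() {
    # Rule used in the report, for comparison. It masquerades every packet
    # that leaves eth0, whatever its source:
    #   iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    # Keep PANU-to-PANU traffic working if bridged frames pass through netfilter.
    run iptables -A FORWARD -i "$PAN_IF" -o "$PAN_IF" -j ACCEPT
    # PAN clients may open connections to the outside.
    run iptables -A FORWARD -i "$PAN_IF" -o "$WAN_IF" -s "$PAN_NET" -j ACCEPT
    # Only replies to those connections may come back in.
    run iptables -A FORWARD -i "$WAN_IF" -o "$PAN_IF" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Everything else that would be routed through the GN is dropped.
    run iptables -P FORWARD DROP
    # Masquerade only traffic that really comes from the PAN subnet.
    run iptables -t nat -A POSTROUTING -s "$PAN_NET" -o "$WAN_IF" -j MASQUERADE
    run sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
}

# Dry run by default: prints the six commands. Use APPLY=1 as root to apply.
# `iptables -t nat -L` hides interface matches; add -v to see "-o eth0".
gn_rules
```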

7.3 Client 1 (PC)

7.3.1 Terminal dump

[root@localhost root]# btctl

Affix version: Affix 1.2.6

---->>>> Affix Bluetooth Driver control program <<<<----

For help use "btctl -h"

bt0     00:a0:96:20:40:30

        Name: "localhost.localdomain"

        Class: 0xB2010C, Computer (Laptop) [Networking,Object Transfer,Audio,Information]

        Scan Mode: discoverable, connectable

        Security mode: service [-auth, -encrypt]

        Packet types: DM1 DH1 DM3 DH3 DM5 DH5 HV1

        Connection role: allow switch, remain slave

        Baseband:

                Manufacture: Cambridge Silicon Radio, id: 10

        Features: 1.1 compliant

        Buffers:

                ACL: 8 x 128 bytes        SCO: 8 x 64 bytes

        Suported features:

        Packet types: 3-slots, 5-slots

        Radio features: RSSI, Channel quality driven data rate

        Policy: switch, hold mode, sniff mode, park mode

        Encryption: supported

                Clock modes: slot offset, timing accuracy

        Audio: SCO link, HV2, HV3, u-Law log, a-Law log, CVSD,

        Power Control: supported

[root@localhost root]# ifconfig

bt0       Link encap:UNSPEC  HWaddr 00-A0-96-20-40-30-00-00-00-00-00-00-00-00-00-00

          UP RUNNING  MTU:1500  Metric:1

          RX packets:21 errors:0 dropped:0 overruns:0 frame:0

          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:10

          RX bytes:441 (441.0 b)  TX bytes:570 (570.0 b)

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:10 errors:0 dropped:0 overruns:0 frame:0

          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:700 (700.0 b)  TX bytes:700 (700.0 b)

Explain: initialise the PANU client

[root@localhost root]# btctl paninit panu bt0

Explain: assign 10.0.0.4 to pan0

[root@localhost root]# ifconfig pan0 10.0.0.4

[root@localhost root]# ifconfig

bt0       Link encap:UNSPEC  HWaddr 00-A0-96-20-40-30-00-00-00-00-00-00-00-00-00-00

          UP RUNNING  MTU:1500  Metric:1

          RX packets:21 errors:0 dropped:0 overruns:0 frame:0

          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:10

          RX bytes:441 (441.0 b)  TX bytes:570 (570.0 b)

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:10 errors:0 dropped:0 overruns:0 frame:0

          TX packets:10 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:700 (700.0 b)  TX bytes:700 (700.0 b)

pan0      Link encap:Ethernet  HWaddr 00:A0:96:20:40:30

          inet addr:10.0.0.4  Bcast:10.255.255.255  Mask:255.0.0.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:25

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Explain: Check route state

[root@localhost root]# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

10.0.0.0        *               255.0.0.0       U     0      0        0 pan0

127.0.0.0       *               255.0.0.0       U     0      0        0 lo

Explain: a default route must be defined (10.0.0.1 is the PAN IP of the GN)

[root@localhost root]# route add default gw 10.0.0.1

Explain: Check route state

[root@localhost root]# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

10.0.0.0        *               255.0.0.0       U     0      0        0 pan0

127.0.0.0       *               255.0.0.0       U     0      0        0 lo

default         10.0.0.1        0.0.0.0         UG    0      0        0 pan0

Explain: ping the other PAN user (i.e. client 2 must have finished the above steps)

[root@localhost root]# ping 10.0.0.2

PING 10.0.0.2 (10.0.0.2) from 10.0.0.4 : 56(84) bytes of data.

64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=143 ms

64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=74.2 ms

[1]+  Stopped                 ping 10.0.0.2

Explain: use the telnet command to connect to the other PAN user

[root@localhost root]# telnet 10.0.0.2

Trying 10.0.0.2...

Connected to 10.0.0.2 (10.0.0.2).

Escape character is '^]'.

Red Hat Linux release 8.0 (Psyche)

Kernel 2.4.18-14 on an i686

login: enoch

Password:

Last login: Sat Jan 25 23:07:10 from 10.0.0.4

[enoch@localhost enoch]$ ls

affix-1.2.3.tar.gz

[enoch@localhost enoch]$

Explain: ping an outside website

[root@localhost root]# ping www.ouhk.edu.hk

PING sun17a.ouhk.edu.hk (202.40.157.186) from 10.0.0.4 : 56(84) bytes of data.

From 202.64.46.222 icmp_seq=7 Packet filtered

From 202.64.46.222 icmp_seq=9 Packet filtered

From 202.64.46.222 icmp_seq=11 Packet filtered

[2]+  Stopped                 ping www.ouhk.edu.hk

[root@localhost root]#

Explain: connect to the GN master using the ftp command

[root@localhost root]# ftp 10.0.0.1

Connected to 10.0.0.1.

220 ENOCHOME FTP server (Version wu-2.6.2-8) ready.

504 AUTH GSSAPI not supported.

504 AUTH KERBEROS_V4 not supported.

KERBEROS_V4 rejected as an authentication type

Name (10.0.0.1:root): ct401

331 Password required for ct401.

Password:

230 User ct401 logged in.  Access restrictions apply.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (10,0,0,1,179,140)

150 Opening ASCII mode data connection for directory listing.

total 4744

-rw-r--r--   1 root     root        82386 Jan 11 09:57 bluez-bluefw-0.9-1.i386.rpm

-rw-------   1 root     root       108144 Jan 11 09:56 bluez-bluefw-0.9.tar.gz

-rw-------   1 root     root       166968 Jan 11 09:56 bluez-hcidump-1.5.tar.gz

-rw-------   1 root     root       148093 Jan 11 09:56 bluez-hciemu-1.0.tar.gz

-rw-------   1 root     root       174004 Jan 11 09:57 bluez-kernel-2.3.tar.gz

-rw-r--r--   1 root     root        89716 Jan 11 09:57 bluez-libs-2.3-1.i386.rpm

-rw-------   1 root     root       176521 Jan 11 09:57 bluez-libs-2.3.tar.gz

-rw-------   1 root     root        29167 Jan 11 09:58 bluez-pan-1.1pre4-1.i386.rpm

-rw-------   1 root     root       195113 Jan 11 09:56 bluez-pan-1.1pre4.tar.gz

-rw-------   1 root     root       238933 Jan 11 09:58 bluez-sdp-1.0rc2-1.i386.rpm

-rw-------   1 root     root       307829 Jan 11 09:58 bluez-sdp-1.0rc3-1.i386.rpm

-rw-------   1 root     root       206015 Jan 11 09:57 bluez-sdp-1.0rc3.tar.gz

-rw-------   1 root     root        71711 Jan 11 09:58 bluez-utils-2.2-1.i386.rpm

-rw-------   1 root     root       244857 Jan 11 09:57 bluez-utils-2.2.tar.gz

-rw-r--r--   1 root     root        17818 Jan 11 08:45 intro.htm

drwxr-xr-x   2 root     root         4096 Jan 11 08:45 intro_files

-rw-r--r--   1 root     root        17216 Jan 11 08:44 main.jpg.html

drwxr-xr-x   2 root     root         4096 Jan 11 08:44 main.jpg_files

-rw-r--r--   1 root     root        17735 Jan 11 08:46 proposedprojects.htm

drwxr-xr-x   2 root     root         4096 Jan 11 08:46 proposedprojects_files

drwxr-xr-x   6 root     root         4096 Jan 12 13:20 public_html

-rw-r--r--   1 root     root        18119 Jan 11 08:45 teachingteam.htm

drwxr-xr-x   2 root     root         4096 Jan 11 08:45 teachingteam_files

226 Transfer complete.

ftp>


7.3.2 Screen Capture

        - shows a successful connection to the outside and to the GN's Apache server

Figure 7.3.2-1 Client 1 connected to an outside website

Figure 7.3.2-2 Client 1 connected to the internal GN's Apache server

7.4 Client 2 (Acer Laptop)

7.4.1 Terminal dump

[root@localhost root]# btctl

Affix version: Affix 1.2.6

---->>>> Affix Bluetooth Driver control program <<<<----

For help use "btctl -h"

bt0     00:80:98:24:df:6a

        Name: "localhost.localdomain"

        Class: 0xB2010C, Computer (Laptop) [Networking,Object Transfer,Audio,Information]

        Scan Mode: discoverable, connectable

        Security mode: service [-auth, -encrypt]

        Packet types: DM1 DH1 DM3 DH3 DM5 DH5 HV1

        Connection role: allow switch, remain slave

        Baseband:

        Manufacture: Cambridge Silicon Radio, id: 10

                Features: 1.1 compliant

        Buffers:

                ACL: 8 x 192 bytes

                SCO: 8 x 64 bytes

        Suported features:

                Packet types: 3-slots, 5-slots

                Radio features: RSSI, Channel quality driven data rate

                Policy: switch, hold mode, sniff mode, park mode

                Encryption: supported

                Clock modes: slot offset, timing accuracy

                Audio: SCO link, HV2, HV3, u-Law log, a-Law log, CVSD, transparent SCO

                Power Control: supported

Explain: initialise the PANU client

[root@localhost root]# btctl paninit panu bt0

Explain: assign the PAN IP 10.0.0.2 to pan0

[root@localhost root]# ifconfig pan0 10.0.0.2

[root@localhost root]# ifconfig

bt0       Link encap:UNSPEC  HWaddr 00-80-98-24-DF-6A-00-00-00-00-00-00-00-00-00-00

          UP RUNNING  MTU:1500  Metric:1

          RX packets:20 errors:24 dropped:0 overruns:0 frame:0

          TX packets:19 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:10

          RX bytes:435 (435.0 b)  TX bytes:570 (570.0 b)

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:39 errors:0 dropped:0 overruns:0 frame:0

          TX packets:39 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:3537 (3.4 Kb)  TX bytes:3537 (3.4 Kb)

pan0      Link encap:Ethernet  HWaddr 00:80:98:24:DF:6A

          inet addr:10.0.0.2  Bcast:10.255.255.255  Mask:255.0.0.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:25

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@localhost root]# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

10.0.0.0        *               255.0.0.0       U     0      0        0 pan0

127.0.0.0       *               255.0.0.0       U     0      0        0 lo

Explain: a default route must be added (10.0.0.1 is the PAN IP of the GN)

[root@localhost root]# route add default gw 10.0.0.1

Explain: Check Route state

[root@localhost root]# route

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

10.0.0.0        *               255.0.0.0       U     0      0        0 pan0

127.0.0.0       *               255.0.0.0       U     0      0        0 lo

default         10.0.0.1        0.0.0.0         UG    0      0        0 pan0

Explain: successful ping to internal and outside hosts

[root@localhost root]# ping 10.0.0.1

PING 10.0.0.1 (10.0.0.1) from 10.0.0.2 : 56(84) bytes of data.

64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=30.3 ms

64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=18.6 ms

64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=26.7 ms

[1]+  Stopped                 ping 10.0.0.1

[root@localhost root]# ping www.ouhk.edu.hk

PING sun17a.ouhk.edu.hk (202.40.157.186) from 10.0.0.2 : 56(84) bytes of data.

From 202.64.46.222 icmp_seq=1 Packet filtered

From 202.64.46.222 icmp_seq=2 Packet filtered

From 202.64.46.222 icmp_seq=3 Packet filtered

[2]+  Stopped                 ping www.ouhk.edu.hk

Explain: successful connection to 10.0.0.1

[root@localhost root]# telnet 10.0.0.1

Trying 10.0.0.1...

Connected to 10.0.0.1 (10.0.0.1).

Escape character is '^]'.

Red Hat Linux release 8.0 (Psyche)

Kernel 2.4.18-14 on an i686

login: ct401

Password:

Last login: Sat Jan 25 22:16:48 from 10.0.0.4

[ct401@ENOCHOME ct401]$ ls

bluez-bluefw-0.9-1.i386.rpm   bluez-utils-2.2-1.i386.rpm

bluez-bluefw-0.9.tar.gz       bluez-utils-2.2.tar.gz

bluez-hcidump-1.5.tar.gz      intro_files

bluez-hciemu-1.0.tar.gz       intro.htm

bluez-kernel-2.3.tar.gz       main.jpg_files

bluez-libs-2.3-1.i386.rpm     main.jpg.html

bluez-libs-2.3.tar.gz         proposedprojects_files

bluez-pan-1.1pre4-1.i386.rpm  proposedprojects.htm

bluez-pan-1.1pre4.tar.gz      public_html

bluez-sdp-1.0rc2-1.i386.rpm   teachingteam_files

bluez-sdp-1.0rc3-1.i386.rpm   teachingteam.htm

bluez-sdp-1.0rc3.tar.gz

[ct401@ENOCHOME ct401]$

[root@localhost root]# ftp 10.0.0.1

Connected to 10.0.0.1.

220 ENOCHOME FTP server (Version wu-2.6.2-8) ready.

504 AUTH GSSAPI not supported.

504 AUTH KERBEROS_V4 not supported.

KERBEROS_V4 rejected as an authentication type

Name (10.0.0.1:root): ct401

331 Password required for ct401.

Password:

230 User ct401 logged in.  Access restrictions apply.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> ls

227 Entering Passive Mode (10,0,0,1,85,227)

150 Opening ASCII mode data connection for directory listing.

total 4744

-rw-r--r--   1 root     root        82386 Jan 11 09:57 bluez-bluefw-0.9-1.i386.rpm

-rw-------   1 root     root       108144 Jan 11 09:56 bluez-bluefw-0.9.tar.gz

-rw-------   1 root     root       166968 Jan 11 09:56 bluez-hcidump-1.5.tar.gz

-rw-------   1 root     root       148093 Jan 11 09:56 bluez-hciemu-1.0.tar.gz

-rw-------   1 root     root       174004 Jan 11 09:57 bluez-kernel-2.3.tar.gz

-rw-r--r--   1 root     root        89716 Jan 11 09:57 bluez-libs-2.3-1.i386.rpm

-rw-------   1 root     root       176521 Jan 11 09:57 bluez-libs-2.3.tar.gz

-rw-------   1 root     root        29167 Jan 11 09:58 bluez-pan-1.1pre4-1.i386.rpm

-rw-------   1 root     root       195113 Jan 11 09:56 bluez-pan-1.1pre4.tar.gz

-rw-------   1 root     root       238933 Jan 11 09:58 bluez-sdp-1.0rc2-1.i386.rpm

-rw-------   1 root     root       307829 Jan 11 09:58 bluez-sdp-1.0rc3-1.i386.rpm

-rw-------   1 root     root       206015 Jan 11 09:57 bluez-sdp-1.0rc3.tar.gz

-rw-------   1 root     root        71711 Jan 11 09:58 bluez-utils-2.2-1.i386.rpm

-rw-------   1 root     root       244857 Jan 11 09:57 bluez-utils-2.2.tar.gz

-rw-r--r--   1 root     root        17818 Jan 11 08:45 intro.htm

drwxr-xr-x   2 root    root         4096 Jan 11 08:45 intro_files

-rw-r--r--   1 root     root        17216 Jan 11 08:44 main.jpg.html

drwxr-xr-x   2 root    root         4096 Jan 11 08:44 main.jpg_files

-rw-r--r--   1 root     root        17735 Jan 11 08:46 proposedprojects.htm

drwxr-xr-x   2 root    root         4096 Jan 11 08:46 proposedprojects_files

drwxr-xr-x   6 root    root         4096 Jan 12 13:20 public_html

-rw-r--r--   1 root     root        18119 Jan 11 08:45 teachingteam.htm

drwxr-xr-x   2 root    root         4096 Jan 11 08:45 teachingteam_files

226 Transfer complete.

ftp>
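
Both client listings above report "Security mode: service [-auth, -encrypt]" and a discoverable scan mode, while the telnet and FTP logins send their passwords in cleartext over that link. The check below is an added example, not part of the original report or of Affix; it assumes the leading '-' marks an option that is switched off, and its sample input is constructed from the Client 1 listing.

```shell
#!/bin/sh
# Added example: flag weak link settings in an Affix `btctl` listing.
# Assumption: inside "Security mode: ... [...]" a leading '-' means "off".

# Constructed sample: lines copied from the Client 1 listing in 7.3.1.
sample_btctl() {
cat <<'EOF'
bt0     00:a0:96:20:40:30
        Name: "localhost.localdomain"
        Scan Mode: discoverable, connectable
        Security mode: service [-auth, -encrypt]
        Connection role: allow switch, remain slave
EOF
}

# audit_btctl: read a btctl listing on stdin and print one finding per line
# as "<device> <finding>". Exit status: 0 = no findings, 1 = findings.
audit_btctl() {
    awk '
    # Device header line, e.g. "bt0     00:a0:96:20:40:30"
    /^[a-z]+[0-9]+[ \t]/ { dev = $1 }

    # Adapter answers inquiry scans from any device in range.
    /Scan Mode:.*[ ,]discoverable/ { print dev, "discoverable"; bad = 1 }

    # Link-level authentication and encryption are both optional; report
    # each one that the listing shows as switched off.
    /Security mode:/ {
        if ($0 ~ /-auth/)    { print dev, "no-link-authentication"; bad = 1 }
        if ($0 ~ /-encrypt/) { print dev, "no-link-encryption"; bad = 1 }
    }

    END { exit bad + 0 }
    '
}

# Run on the sample; on a live host use: btctl | audit_btctl
sample_btctl | audit_btctl || echo "review the settings listed above"
```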

Reference:
The webpage http://www.linuxsecurity.com/resource_files/firewalls/IPTables-Tutorial/iptables-tutorial.html is good material on how to use iptables.
Competitor:
http://bluez.sourceforge.net/