WLAN_CCMP(4) BSD Kernel Interfaces Manual WLAN_CCMP(4)NAME
wlan_ccmp -- AES-CCMP crypto support for 802.11 devices
SYNOPSIS
device wlan_ccmp
DESCRIPTION
The wlan_ccmp module handles the AES-CCMP cryptographic requirements of the WPA and 802.11i protocols. It does encapsulation and decapsula-
tion of CCMP-encoded 802.11 frames and optionally calculates the AES-CCMP cipher. The wlan_ccmp module is an 802.11 cryptographic plugin
module for use by the wlan(4) module. This module is automatically loaded if an AES-CCMP key is configured; typically by a WPA supplicant
program such as wpa_supplicant, or a WPA authenticator program such as hostapd. Should the underlying network device not be capable of doing
the AES-CCMP calculations in hardware, the wlan_ccmp module will do the work.
SEE ALSO wlan(4), wlan_tkip(4), wlan_wep(4)STANDARDS
More information can be found in the IEEE 802.11, WPA, and 802.11i Standards.
HISTORY
The wlan_ccmp driver first appeared in FreeBSD 6.0.
BSD December 7, 2004 BSD
Check Out this Related Man Page
WLAN(4) BSD Kernel Interfaces Manual WLAN(4)NAME
wlan -- generic 802.11 link-layer support
SYNOPSIS
device wlan
DESCRIPTION
The wlan module provides generic code to support 802.11 drivers. Where a device does not directly support 802.11 functionality this layer
fills in. The wlan module is required by all native 802.11 drivers as well as the ndis(4) support.
wlan supports multi-mode devices capable of operating in both 2.4GHz and 5GHz bands and supports numerous 802.11 standards: 802.11a, 802.11b,
802.11g, 802.11n, and 802.11s (Draft 3.0). The WPA, 802.11i, and 802.1x security protocols are supported through a combination of in-kernel
code and user-mode applications. The WME/WMM multi-media protocols are supported entirely within the wlan module but require a suitably
capable hardware device. Likewise the 802.11h specification is supported only by suitably capable devices.
Drivers provide 802.11 functionality through wlan interfaces that are created at runtime using interface cloning. This is done with the
ifconfig(8) create command or using the wlans_IFX variable in rc.conf(5). Some drivers support the creation of multiple wlan interfaces that
share the same underlying device; this is the way by which ``multi-bss support'' is provided but it can also be used to create WDS links and
other interesting applications.
There are several types of wlan interfaces that may be created:
sta A client station in an infrastructure bss (i.e. one that associates to an access point).
hostap An access point in an infrastructure bss.
mesh A mesh station in an MBSS network.
adhoc A station in an IBSS network.
ahdemo A station operating in ``adhoc demo mode''. This is essentially an IBSS station that does not use management frames (e.g. no bea-
cons are transmitted). An ahdemo interface is especially useful for applications that want to transmit and receive raw 802.11 pack-
ets.
monitor An interface used exclusively for capturing 802.11 frames. In particular this specified to have read-only properties which enables
it to be operated on frequencies where one would otherwise not be allowed.
wds A station that passes 4-address 802.11 traffic for the purpose of tunneling traffic over a wireless link. Typically this station
would share the same MAC address as a hostap interface. It may be possible to create wds interfaces without a companion hostap
interface but that is not guaranteed; one may need to create a hostap interface that does not send beacon frames before wds inter-
faces may be created.
Note that an interface's type cannot be changed once it is created.
wlan defines several mechanisms by which plugin modules may be used to extend its' functionality. Cryptographic support such as WEP, TKIP,
and AES-CCMP are implemented as standalone modules (if not statically configured into a system) that register with wlan. Similarly there is
an authenticator framework for defining 802.11 authentication services and a framework for integrating access control mechanisms specific to
the 802.11 protocol.
DEBUGGING
Debugging controls are available using:
sysctl net.wlan.X.debug=mask
where X is the number of the wlan instance and mask is a bit-or of control bits that determine which debugging messages to enable. For exam-
ple,
sysctl net.wlan.0.debug=0x00200000
enables debugging messages related to scanning for an access point, adhoc neighbor, or an unoccupied channel when operation as an access
point. The wlandebug(8) tool provides a more user-friendly mechanism for doing the same thing. Note that
sysctl net.wlan.debug=mask
defines the initial value of the debugging flags for each cloned wlan interface; this is useful to enable debug messages during interface
creation.
COMPATIBILITY
The module name of wlan was used to be compatible with NetBSD.
Mesh stations follow the 802.11s Draft 3.0 specification which is not ratified and subject to change. Beware that this specification is
incompatible with earlier drafts; and stations implementing earlier drafts (e.g. Linux) may not interoperate.
SEE ALSO an(4), ath(4), bwi(4), ipw(4), iwi(4), iwn(4), malo(4), netintro(4), ral(4), rum(4), uath(4), upgt(4), ural(4), urtw(4), wi(4), wlan_acl(4),
wlan_ccmp(4), wlan_tkip(4), wlan_wep(4), wlan_xauth(4), wpi(4), zyd(4)STANDARDS
More information can be found in the IEEE 802.11 Standards.
HISTORY
The wlan driver first appeared in FreeBSD 5.0.
AUTHORS
Atsushi Onoe is the author of original NetBSD software from which this work began. Sam Leffler brought the code into FreeBSD and then
rewrote it to support multi-mode devices, 802.11g, 802.11n, WPA/802.11i, WME, multi-bss, and add the extensible frameworks for cryptographic,
authentication, and access control plugins. This manual page was written by Tom Rhodes <trhodes@FreeBSD.org>.
BSD July 8, 2009 BSD