Chapter 29. Wireless Communication¶
Contents
Abstract
There are several possibilities for using your Linux system to communicate with other computers, cellular phones, or peripheral devices. WLAN (wireless LAN) can be used to network laptops. Bluetooth can be used to connect individual system components (mouse, keyboard), peripheral devices, cellular phones, PDAs, and individual computers with each other. IrDA is mostly used for communication with PDAs or cellular phones. Universal Mobile Telecommunications System (UMTS), also known as 3G, can offer several multimedia services such as browsing the Web or sending and receiving messages. This chapter introduces these technologies and their configuration.
29.1. Wireless LAN¶
Wireless LANs have become an indispensable aspect of mobile computing. Today, most laptops have built-in WLAN cards. The 802.11 standard for the wireless communication of WLAN cards was prepared by the IEEE organization. Originally, this standard provided for a maximum transmission rate of 2 Mbit/s. Meanwhile, several supplements have been added to increase the data rate. These supplements define details such as the modulation, transmission output, and transmission rates:
Table 29.1. Overview of Various WLAN Standards
Name | Band (GHz) | Maximum Transmission Rate (Mbit/s) | Note |
|---|---|---|---|
802.11 | 2.4 | 2 | Outdated; virtually no end devices available |
802.11b | 2.4 | 11 | Widespread |
802.11a | 5 | 54 | Less common |
802.11g | 2.4 | 54 | Backward-compatible with 11b |
Additionally, there are proprietary standards, like the 802.11b variation of Texas Instruments with a maximum transmission rate of 22 Mbit/s (sometimes referred to as 802.11b+). However, the popularity of cards using this standard is limited.
29.1.1. Hardware¶
802.11 cards are not supported by SUSE Linux Enterprise®. Most cards using 802.11a, 802.11b, and 802.11g are supported. New cards usually comply with the 802.11g standard, but cards using 802.11b are still available. Normally, cards with the following chips are supported:
Aironet 4500, 4800
Atheros 5210, 5211, 5212
Atmel at76c502, at76c503, at76c504, at76c506
Intel PRO/Wireless 2100, 2200BG, 2915ABG, 3945ABG
Intersil Prism2/2.5/3
Intersil PrismGT
Lucent/Agere Hermes
Texas Instruments ACX100, ACX111
ZyDAS zd1201
A number of older cards that are rarely used and no longer available are also supported. An extensive list of WLAN cards and the chips they use is available at the Web site of AbsoluteValue Systems at http://www.linux-wlan.org/docs/wlan_adapters.html.gz. Find an overview of the various WLAN chips at http://wiki.uni-konstanz.de/wiki/bin/view/Wireless/ListeChipsatz.
Some cards need a firmware image that must be loaded into the card when the
driver is initialized. This is the case with Intersil
PrismGT, Atmel, and
TI ACX100 and ACX111. The firmware can easily be
installed with the YaST Online Update. The firmware for Intel PRO/Wireless
cards ships with SUSE Linux Enterprise and is automatically installed by YaST as
soon as a card of this type is detected. More information about this subject
is available in the installed system in
/usr/share/doc/packages/wireless-tools/README.firmware.
29.1.2. Function¶
In wireless networking, various techniques and configurations are used to ensure fast, high-quality, and secure connections. Different operating types suit different setups. It can be difficult to choose the right authentication method. The available encryption methods have different advantages and pitfalls.
29.1.2.1. Operating Mode¶
Basically, wireless networks can be classified as managed networks and ad-hoc networks. Managed networks have a managing element: the access point. In this mode (also referred to as infrastructure mode), all connections of the WLAN stations in the network run over the access point, which may also serve as a connection to an ethernet. Ad-hoc networks do not have an access point. The stations communicate directly with each other. The transmission range and number of participating stations are greatly limited in ad-hoc networks. Therefore, an access point is usually more efficient. It is even possible to use a WLAN card as an access point. Most cards support this functionality.
Because a wireless network is much easier to intercept and compromise than a wired network, the various standards include authentication and encryption methods. In the original version of the IEEE 802.11 standard, these are described under the term WEP. However, because WEP has proven to be insecure (see Section 29.1.5.2, “Security”), the WLAN industry (joined under the name Wi-Fi Alliance) has defined a new extension called WPA, which is supposed to eliminate the weaknesses of WEP. The later IEEE 802.11i standard (also referred to as WPA2, because WPA is based on a draft version 802.11i) includes WPA and some other authentication and encryption methods.
29.1.2.2. Authentication¶
To make sure that only authorized stations can connect, various authentication mechanisms are used in managed networks:
- Open
An open system is a system that does not require authentication. Any station can join the network. Nevertheless, WEP encryption (see Section 29.1.2.3, “Encryption”) can be used.
- Shared Key (according to IEEE 802.11)
In this procedure, the WEP key is used for the authentication. However, this procedure is not recommended, because it makes the WEP key more susceptible to attacks. All an attacker needs to do is to listen long enough to the communication between the station and the access point. During the authentication process, both sides exchange the same information, once in encrypted form and once in unencrypted form. This makes it possible for the key to be reconstructed with suitable tools. Because this method makes use of the WEP key for the authentication and for the encryption, it does not enhance the security of the network. A station that has the correct WEP key can authenticate, encrypt, and decrypt. A station that does not have the key cannot decrypt received packets. Accordingly, it cannot communicate, regardless of whether it had to authenticate itself.
- WPA-PSK (according to IEEE 802.1x)
WPA-PSK (PSK stands for preshared key) works similarly to the Shared Key procedure. All participating stations as well as the access point need the same key. The key is 256 bits in length and is usually entered as a passphrase. This system does not need a complex key management like WPA-EAP and is more suitable for private use. Therefore, WPA-PSK is sometimes referred to as WPA “Home”.
- WPA-EAP (according to IEEE 802.1x)
Actually, WPA-EAP is not an authentication system but a protocol for transporting authentication information. WPA-EAP is used to protect wireless networks in enterprises. In private networks, it is scarcely used. For this reason, WPA-EAP is sometimes referred to as WPA “Enterprise”.
WPA-EAP needs a Radius server to authenticate users. EAP offers three different methods for connecting and authenticating to the server: TLS (Transport Layer Security), TTLS (Tunneled Transport Layer Security), and PEAP (Protected Extensible Authentication Protocol). In a nutshell, these options work as follows:
- EAP-TLS
TLS authentication relies on the mutual exchange of certificates both for server and client. First, the server presents its certificate to the client where it is evaluated. If the certificate is considered valid, the client in turn presents its certificate to the server. While TLS is secure, it requires a working certification management infrastructure in your network. This infrastructure is rarely found in private networks.
- EAP-TTLS and PEAP
Both TTLS and PEAP are two-stage protocols. In the first stage, a secure is established and in the second one the client authentication data is exchanged. They require far less certification management overhead than TLS, if any.
29.1.2.3. Encryption¶
There are various encryption methods to ensure that no unauthorized person can read the data packets that are exchanged in a wireless network or gain access to the network:
- WEP (defined in IEEE 802.11)
This standard makes use of the RC4 encryption algorithm, originally with a key length of 40 bits, later also with 104 bits. Often, the length is declared as 64 bits or 128 bits, depending on whether the 24 bits of the initialization vector are included. However, this standard has some weaknesses. Attacks against the keys generated by this system may be successful. Nevertheless, it is better to use WEP than not encrypt the network at all.
- TKIP (defined in WPA/IEEE 802.11i)
This key management protocol defined in the WPA standard uses the same encryption algorithm as WEP, but eliminates its weakness. Because a new key is generated for every data packet, attacks against these keys are in vain. TKIP is used together with WPA-PSK.
- CCMP (defined in IEEE 802.11i)
CCMP describes the key management. Usually, it is used in connection with WPA-EAP, but it can also be used with WPA-PSK. The encryption takes place according to AES and is stronger than the RC4 encryption of the WEP standard.
29.1.3. Configuration with YaST¶
To configure your wireless network card, start the YaST module. Here you can also choose whether to use YaST or NetworkManager for managing your network card. If you select YaST, select the device type in and click . In , shown in Figure 29.1, “YaST: Configuring the Wireless Network Card”, make the basic settings for the WLAN operation:
- Operating Mode
A station can be integrated in a WLAN in three different modes. The suitable mode depends on the network in which to communicate: (peer-to-peer network without access point), (network is managed by an access point), or (your network card should be used as the access point). To use any of the WPA-PSK or WPA-EAP modes, the operating mode must be set to .
- Network Name (ESSID)
All stations in a wireless network need the same ESSID for communicating with each other. If nothing is specified, the card automatically selects an access point, which may not be the one you intended to use.
- Authentication Mode
Select a suitable authentication method for your network: , , , or . If you select WPA authentication, a network name must be set.
- Expert Settings
This button opens a dialog for the detailed configuration of your WLAN connection. A detailed description of this dialog is provided later.
After completing the basic settings, your station is ready for deployment in the WLAN.
![[Important]](admon/important.png) | Security in Wireless Networks |
|---|---|
Be sure to use one of the supported authentication and encryption methods to protect your network traffic. Unencrypted WLAN connections allow third parties to intercept all network data. Even a weak encryption (WEP) is better than none at all. Refer to Section 29.1.2.3, “Encryption” and Section 29.1.5.2, “Security” for information. | |
Depending on the selected authentication method, YaST prompts you to fine-tune the settings in another dialog. For , there is nothing to configure, because this setting implements unencrypted operation without authentication.
- Shared Key
Set a key input type. Choose from , , or . You may keep up to four different keys to encrypt the transmitted data. Click to enter the key configuration dialog. Set the length of the key: or . The default setting is . In the list area at the bottom of the dialog, up to four different keys can be specified for your station to use for the encryption. Press to define one of them as the default key. Unless you change this, YaST uses the first entered key as the default key. If the standard key is deleted, one of the other keys must be marked manually as the default key. Click to modify existing list entries or create new keys. In this case, a pop-up window prompts you to select an input type (, , or ). If you select , enter a word or a character string from which a key is generated according to the length previously specified. requests an input of 5 characters for a 64-bit key and 13 characters for a 128-bit key. For , enter 10 characters for a 64-bit key or 26 characters for a 128-bit key in hexadecimal notation.
- WPA-PSK
To enter a key for WPA-PSK, select the input method or . In the mode, the input must be 8 to 63 characters. In the mode, enter 64 characters.
- WPA-EAP
Enter the credentials you have been given by your network administrator. For TLS, provide , , , and . TTLS and PEAP require and . and are optional. YaST searches for any certificate under
/etc/cert, so save the certificates given to you to this location and restrict access to these files to0600(owner read and write).Click to enter the advanced authentication dialog for your WPA-EAP setup. Select the authentication method for the second stage of EAP-TTLS or EAP-PEAP communication. If you selected TTLS in the previous dialog, choose
any,MD5,GTC,CHAP,PAP,MSCHAPv1, orMSCHAPv2. If you selected PEAP, chooseany,MD5,GTC, orMSCHAPv2. can be used to force the use of a certain PEAP implementation if the automatically-determined setting does not work for you.
Click to leave the dialog for the basic configuration of the WLAN connection and enter the expert configuration. The following options are available in this dialog:
- Channel
The specification of a channel on which the WLAN station should work is only needed in and modes. In mode, the card automatically searches the available channels for access points. In mode, select one of the 12 offered channels for the communication of your station with the other stations. In mode, determine on which channel your card should offer access point functionality. The default setting for this option is .
- Bit Rate
Depending on the performance of your network, you may want to set a certain bit rate for the transmission from one point to another. In the default setting , the system tries to use the highest possible data transmission rate. Some WLAN cards do not support the setting of bit rates.
- Access Point
In an environment with several access points, one of them can be preselected by specifying the MAC address.
29.1.4. Utilities¶
hostap (package hostap) is used to
run a WLAN card as an access point. More information about this package is
available at the project home page (http://hostap.epitest.fi/).
kismet (package kismet) is a
network diagnosis tool with which to listen to the WLAN packet traffic. In
this way, you can also detect any intrusion attempts in your network. More
information is available at http://www.kismetwireless.net/
and in the manual page.
29.1.5. Tips and Tricks for Setting Up a WLAN¶
These tips can help tweak speed and stability as well as security aspects of your WLAN.
29.1.5.1. Stability and Speed¶
The performance and reliability of a wireless network mainly depend on
whether the participating stations receive a clean signal from the other
stations. Obstructions like walls greatly weaken the signal. The more the
signal strength sinks, the more the transmission slows down. During
operation, check the signal strength with the iwconfig utility on the
command line (Link Quality field) or with NetworkManager or KNetworkManager.
If you have problems with the signal quality, try to set up the devices
somewhere else or adjust the position of the antennas of your access
points. Auxiliary antennas that substantially improve the reception are
available for a number of PCMCIA WLAN cards. The rate specified by the
manufacturer, such as 54 Mbit/s, is a nominal value that represents
the theoretical maximum. In practice, the maximum data throughput is no
more than half this value.
29.1.5.2. Security¶
If you want to set up a wireless network, remember that anybody within the transmission range can easily access it if no security measures are implemented. Therefore, be sure to activate an encryption method. All WLAN cards and access points support WEP encryption. Although this is not entirely safe, it does present an obstacle for a potential attacker. WEP is usually adequate for private use. WPA-PSK would be even better, but it is not implemented in older access points or routers with WLAN functionality. On some devices, WPA can be implemented by means of a firmware update. Furthermore, Linux does not support WPA on all hardware components. When this documentation was prepared, WPA only worked with cards using Atheros, Intel PRO/Wireless, or Prism2/2.5/3 chips. On Prism2/2.5/3, WPA only works if the hostap driver is used (see Section 29.1.6.2, “Problems with Prism2 Cards”). If WPA is not available, WEP is better than no encryption. In enterprises with advanced security requirements, wireless networks should only be operated with WPA.
29.1.6. Troubleshooting¶
If your WLAN card fails to respond, check if you have downloaded the needed firmware. Refer to Section 29.1.1, “Hardware”. The following paragraphs cover some known problems.
29.1.6.1. Multiple Network Devices¶
Modern laptops usually have a network card and a WLAN card. If you configured both devices with DHCP (automatic address assignment), you may encounter problems with the name resolution and the default gateway. This is evident from the fact that you can ping the router but cannot surf the Internet. The Support Database features an article on this subject at http://old-en.opensuse.org/SDB:Name_Resolution_Does_Not_Work_with_Several_Concurrent_DHCP_Clients.
29.1.6.2. Problems with Prism2 Cards¶
Several drivers are available for devices with
Prism2 chips. The various cards work more or
less smoothly with the various drivers. With these cards, WPA is only
possible with the hostap driver. If such a card does not work properly or
not at all or you want to use WPA, read
/usr/share/doc/packages/wireless-tools/README.prism2.
29.1.6.3. WPA¶
WPA support is quite new in SUSE Linux Enterprise and still under development. Thus,
YaST does not support the configuration of all WPA authentication
methods. Not all wireless LAN cards and drivers support WPA. Some cards
need a firmware update to enable WPA. If you want to use WPA, read
/usr/share/doc/packages/wireless-tools/README.wpa.
29.1.7. For More Information¶
The Internet pages of Jean Tourrilhes, who developed the Wireless Tools for Linux, present a wealth of useful information about wireless networks. See http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html.
29.2. Bluetooth¶
Bluetooth is a wireless technology for connecting various devices, such as cellular phones, PDAs, peripheral devices, laptops, or system components like the keyboard or mouse. The name is derived from the Danish king Harold Bluetooth, who united various warring factions in Scandinavia. The Bluetooth logo is based on the runes for “H” (resembles a star) and “B”.
A number of important aspects distinguish Bluetooth from IrDA. First, the individual devices do not need to “see” each other directly and, second, several devices can be connected in a network. However, the maximum data rate is 720 Kbps (in the current version 1.2). Theoretically, Bluetooth can even communicate through walls. In practice, however, this depends on the properties of the wall and the device class. There are three device classes with transmission ranges between 10 and 100 meters.
29.2.1. Basics¶
The following sections outline the basic principles of how Bluetooth works. Learn which software requirements need to be met, how Bluetooth interacts with your system, and how Bluetooth profiles work.
29.2.1.1. Software¶
To be able to use Bluetooth, you need a Bluetooth adapter (either a
built-in adapter or an external device), drivers, and a Bluetooth protocol
stack. The Linux kernel already contains the basic drivers for using
Bluetooth. The Bluez system is used as protocol stack. To make sure that
the applications work with Bluetooth, the base packages bluez-libs and bluez-utils must be installed. These
packages provide a number of needed services and utilities. Additionally,
some adapters, such as Broadcom or
AVM BlueFritz!, require the bluez-firmware package to be installed. The
bluez-cups package enables
printing over Bluetooth connections. If you need to debug problems with
Bluetooth connections, install the package bluez-hcidump.
29.2.1.2. General Interaction¶
A Bluetooth system consists of four interlocked layers that provide the desired functionality:
- Hardware
The adapter and a suitable driver for support by the Linux kernel.
- Configuration Files
Used for controlling the Bluetooth system.
- Daemons
Services that are controlled by the configuration files and provide the functionality.
- Applications
The applications allow the functionality provided by the daemons to be used and controlled by the user.
When inserting a Bluetooth adapter, its driver is loaded by the hotplug system. After the driver is loaded, the system checks the configuration files to see if Bluetooth should be started. If this is the case, it determines the services to start. Based on this information, the respective daemons are started. Bluetooth adapters are probed upon installation. If one or more are found, Bluetooth is enabled. Otherwise the Bluetooth system is deactivated. Any Bluetooth device added later must be enabled manually.
29.2.1.3. Profiles¶
In Bluetooth, services are defined by means of profiles, such as the file transfer profile, the basic printing profile, and the personal area network profile. To enable a device to use the services of another device, both must understand the same profile—a piece of information that is often missing in the device package and manual. Unfortunately, some manufacturers do not comply strictly with the definitions of the individual profiles. Despite this, communication between the devices usually works smoothly.
In the following text, local devices are those physically connected to the computer. All other devices that can only be accessed over wireless connections are referred to as remote devices.
29.2.2. Configuration¶
This section introduces Bluetooth configuration. Learn which configuration files are involved, which tools are needed, and how to configure Bluetooth with YaST or manually.
29.2.2.1. Configuring Bluetooth with YaST¶
Use the YaST Bluetooth module, shown in Figure 29.2, “YaST Bluetooth Configuration”, to configure Bluetooth support on your system. As soon as hotplug detects a Bluetooth adapter on your system (for example, during booting or when you plug in an adapter), Bluetooth is automatically started with the settings configured in this module.
In the first step of the configuration, determine whether Bluetooth
services should be started on your system. If you have enabled the
Bluetooth services, two things can be configured. First, the
. This is the name other devices display
when your computer has been discovered. There are two placeholders
available—%h stands for the hostname of the system
(useful, for example, if it is assigned dynamically by DHCP) and
%d inserts the interface number (only useful if you
have more than one Bluetooth adapter in your computer). For example, if you
enter Laptop %h in the field and DHCP assigns the name
unit123 to your computer, other remote devices would
know your computer as Laptop unit123.
The parameter is related to the behavior of the local system when a remote device tries to connect. The difference is in the handling of the PIN number. Either allow any device to connect without a PIN or determine how the correct PIN is chosen if one is needed. You can enter a PIN (stored in a configuration file) in the appropriate input field. If a device tries to connect, it first uses this PIN. If it fails, it falls back to using no PIN. For maximum security, it is best to choose . This option allows you to use different PINs for different (remote) devices.
Click to enter the dialog for selecting and configuring the available services (called profiles in Bluetooth). All available services are displayed in a list and can be enabled or disabled by clicking or . Click to open a dialog in which to specify additional arguments for the selected service (daemon). Do not change anything unless you are familiar with the service. After completing the configuration of the daemons, exit this dialog by clicking .
Back in the main dialog, click to enter the security dialog and specify encryption, authentication, and scan settings. Then exit the security dialog to return to the main dialog. After you close the main dialog with , your Bluetooth system is ready for use.
From the main dialog, you can reach the dialog, too. Bluetooth devices are grouped into various device classes. In this dialog, choose the correct one for your computer, such as or . The device class is not very important, unlike the service class, also set here. Sometimes remote Bluetooth devices, like cell phones, only allow certain functions if they can detect the correct service class set on your system. This is often the case for cell phones that expect a class called before they allow the transfer of files from or to the computer. You can choose multiple classes. It is not useful to select all classes “just in case.” The default selection should be appropriate in most cases.
To use Bluetooth to set up a network, activate
in the dialog and set the mode of the daemon with
. For a functional Bluetooth network connection,
one pand must operate in the
mode and the peer in the
mode. By default, the
mode is preset. Adapt the behavior of your
local pand. Additionally, configure the
bnepX interface (X stands for the
device number in the system) in the YaST module.
29.2.2.2. Configuring Bluetooth Manually¶
The configuration files for the individual components of the Bluez system
are located in the directory /etc/bluetooth. The only
exception is the file /etc/sysconfig/bluetooth for
starting the components, which is modified by the YaST module.
The configuration files described below can only be modified
by the user root. Currently,
there is no graphical user interface to change all
settings. The most important ones can be set using the YaST Bluetooth
module, described in Section 29.2.2.1, “Configuring Bluetooth with YaST”.
All other settings are only of interest for
experienced users with special cases. Usually, the default
settings should be adequate.
A PIN number provides basic protection against unwanted
connections. Mobile phones usually query the PIN when establishing
the first contact (or when setting up a device contact on the phone).
For two devices to be able to communicate, both must identify themselves
with the same PIN. On the computer, the PIN is located in the file
/etc/bluetooth/pin.
| Security of Bluetooth Connections |
|---|---|
Despite the PINs, the transmission between two devices may not be fully secure. By default, the authentication and encryption of Bluetooth connections is deactivated. Activating authentication and encryption may result in communication problems with some Bluetooth devices. | |
Various settings, such as the device names and the
security mode, can be changed in the configuration file
/etc/bluetooth/hcid.conf. Usually,
the default settings should be adequate. The file contains
comments describing the options for the various settings.
Two sections in the included file are designated as
options and device. The first
contains general information that hcid uses for starting. The latter
contains settings for the individual local Bluetooth devices.
One of the most important settings of the options
section is security auto;. If set to
auto, hcid tries to use the local PIN for incoming
connections. If it fails, it switches to none and
establishes the connection anyway. For increased security, this default
setting should be set to user to make sure that the user
is requested to enter a PIN every time a connection is established.
Set the name under which the computer is displayed on the other side
in the device section.
The device class, such as Desktop,
Laptop, or Server, is
defined in this section. Authentication and encryption
are also enabled or disabled here.
29.2.3. System Components and Utilities¶
The operability of Bluetooth depends on the interaction of various services.
At least two background daemons are needed: hcid (host controller
interface daemon), which serves as an interface for the Bluetooth
device and controls it, and sdpd (service discovery
protocol daemon), by means of which a device can find out which
services the host makes available. If they are not activated automatically
when the system is started, activate both hcid and sdpd can with
rcbluetooth start. This command
must be executed as root.
The following paragraphs briefly describe the most important shell tools that can be used for working with Bluetooth. Although various graphical components are now available for controlling Bluetooth, it can be worthwhile to check these programs.
Some of the commands can only be executed as root. This includes the command
l2ping
device_address
29.2.3.1. hcitool¶
Use hcitool to determine whether local and remote devices are
detected. The command hcitool dev lists
the local devices. The output generates a line in the form
interface_name
device_address for every detected local device.
Search for remote devices with the command
hcitool inq.
Three values are returned for every detected device:
the device address, the clock offset, and the device
class. The device address is important, because other commands
use it for identifying the target device. The clock offset
mainly serves a technical purpose. The class specifies the
device type and the service type as a hexadecimal value.
Use hcitool name
to determine the device name of a remote device. In the case of a remote
computer, the class and the device name correspond to the information in
its device-address/etc/bluetooth/hcid.conf. Local device addresses
generate an error output.
29.2.3.2. hciconfig¶
The command /usr/sbin/hciconfig delivers
further information about the local device. If
hciconfig is executed without any arguments,
the output shows device information, such as the device name
(hciX), the physical device address (a 12-digit
number in the form 00:12:34:56:78),
and information about the amount of transmitted data.
hciconfig hci0 name displays the name
that is returned by your computer when it receives requests from remote
devices. As well as querying the settings of the local device,
hciconfig can modify these settings. For
example, hciconfig hci0 name TEST sets
the name to TEST.
29.2.3.3. sdptool¶
Use sdptool to check which services are made available
by a specific device. The command sdptool browse
returns all
services of a device. Use sdptool device_addresssearch
to
search for a specific service. This command scans all accessible devices
for the requested service. If one of the devices offers the service, the
program prints the full service name returned by the device together with
a brief description. View a list of all possible service codes by
entering sdptool without any parameters.
service_code
29.2.4. Graphical Applications¶
In Konqueror, enter the URL bluetooth:/ to list local and
remote Bluetooth devices. Double-click a device for an overview of the
services provided by the device. If you move across one of the specified
services with the mouse, the browser's status bar shows which profile is
used for the service. If you click a service, a dialog opens, asking whether
to save, use the service (an application must be started to do this), or
cancel the action. Mark a check box if you do not want the dialog to be
displayed again but always want the selected action to be performed. For
some services, support is not yet available. For others, additional packages
may need to be installed.
29.2.5. Examples¶
This section features two typical examples of possible Bluetooth scenarios. The first shows how a network connection between two hosts can be established via Bluetooth. The second features a connection between a computer and a mobile phone.
29.2.5.1. Network Connection between Two Hosts¶
In the first example, a network connection is
established between the hosts H1
and H2. These two hosts have the
Bluetooth device addresses baddr1 and
baddr2 (determined on both hosts
with the command hcitool dev
as described above). The hosts should be identified with the IP
addresses 192.168.1.3 (H1) and
192.168.1.4 (H2).
The Bluetooth connection is established with the help of pand
(personal area networking daemon). The following commands
must be executed by the user root. The description focuses on the
Bluetooth-specific actions and does not provide a detailed explanation of
the network command ip.
Enter pand -s to start pand
on the host H1. Subsequently, establish a connection
on the host H2 with
pand -c
. If you enter
ip baddr1link show on one of the hosts to
list the available network interfaces, the output should contain an entry
like the following:
bnep0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000 link/ether 00:12:34:56:89:90 brd ff:ff:ff:ff:ff:ff
Instead of 00:12:34:56:89:90, the output should
contain the local device address baddr1 or
baddr2. Now this interface must be assigned
an IP address and activated. On H1,
do this with the following two commands:
ip addr add 192.168.1.3/24 dev bnep0 ip link set bnep0 up
On H2, use the following commands:
ip addr add 192.168.1.4/24 dev bnep0 ip link set bnep0 up
Now H1 can be accessed from H2
at the IP 192.168.1.3. Use the command ssh
192.168.1.4 to access H2
from H1, assuming H2 runs an
sshd, which is activated by default in SUSE Linux Enterprise®. The command
ssh 192.168.1.4 can also be run as a
normal user.
29.2.5.2. Data Transfer from a Mobile Phone to the Computer¶
The second example shows how to transfer a photograph created with a mobile
phone with a built-in digital camera to a computer (without incurring
additional costs for the transmission of a multimedia message). Although
the menu structure may differ on various mobile phones, the procedure is
usually quite similar. Refer to the manual of your phone, if necessary.
This example describes the transfer of a photograph from a Sony Ericsson
mobile phone to a laptop. The service Obex-Push must be available on the
computer and the computer must grant the mobile phone access. In the first
step, the service is made available on the laptop. You need a special
service daemon running on the laptop to get the data from the phone. If the
package kbluetooth is installed,
you do not need to start a special daemon. If kbluetooth is not installed, use the opd
daemon from the bluez-utils
package. Start the daemon with the following command:
opd --mode OBEX --channel 10 --daemonize --path /tmp --sdp
Two important parameters are used: --sdp registers the
service with sdpd and --path
/tmp instructs the program where to save the received
data—in this case to /tmp. You can also specify any
other directory to which you have write access.
If you use kbluetooth, you are prompted for a directory when the photograph is received on the laptop.
Now the mobile phone must get to know the computer. To do this, open the
menu on the phone and select
. If necessary, click before selecting . Select
and let your phone search for the laptop. If
a device is detected, its name appears in the display. Select the device
associated with the laptop. If you encounter a PIN query, enter the PIN
specified in /etc/bluetooth/pin. Now your phone
recognizes the laptop and is able to exchange data with the laptop. Exit
the current menu and go to the image menu. Select the image to transfer and
press . In the next menu, press
to select a transmission mode. Select . The laptop should be listed as a target device.
Select the laptop to start the transmission. The image is then saved to the
directory specified with the opd command. Audio tracks
can be transferred to the laptop in the same way.
29.2.6. Troubleshooting¶
If you have difficulties establishing a connection, proceed according to the following list. Remember that the error can be on either side of a connection or even on both sides. If possible, reconstruct the problem with another Bluetooth device to verify that the device is not defective.
- Is the local device listed in the output of
hcitool
dev? If the local device is not listed in this output, hcid is not started or the device is not recognized as a Bluetooth device. This can have various causes. The device may be defective or the correct driver may be missing. Laptops with built-in Bluetooth often have an on and off switch for wireless devices, like WLAN and Bluetooth. Check the manual of your laptop to see if your device has such a switch. Restart the Bluetooth system with the command rcbluetooth
restartand check if any errors are reported in/var/log/messages.- Does your Bluetooth adapter need a firmware file?
If it does, install
bluez-bluefwand restart the Bluetooth system with rcbluetoothrestart.- Does the output of
hcitool
inqreturn other devices? Test this command more than once. The connection may have interferences, because the frequency band of Bluetooth is also used by other devices.
- Do the PINs match?
Check if the PIN number of the computer (in
/etc/bluetooth/pin) matches that of the target device.- Can the remote device “see” your computer?
Try to establish the connection from the remote device. Check if this device sees the computer.
- Can a network connection be established (see Section 29.2.5.1, “Network Connection between Two Hosts”)?
The setup described in Section 29.2.5.1, “Network Connection between Two Hosts” may not work for several reasons. For example, one of the two computers may not support SSH. Try ping
192.168.1.3or ping192.168.1.4. If this works, check if sshd is active. Another problem could be that one of the two devices already has network settings that conflict with the address192.168.1.Xin the example. If this is the case, try different addresses, such as10.123.1.2and10.123.1.3.- Does the laptop appear as a target device (see Section 29.2.5.2, “Data Transfer from a Mobile Phone to the Computer”)? Does the mobile device recognize the Obex-Push service on the laptop?
In , select the respective device and view the list of . If Obex-Push is not displayed (even after the list is updated), the problem is caused by opd on the laptop. Verify that opd is active and that you have write access to the specified directory.
- Does the scenario described in Section 29.2.5.2, “Data Transfer from a Mobile Phone to the Computer” work the other way around?
If the
obexftppackage is installed, the command obexftp-bcan be used on some devices. Several Siemens and Sony Ericsson models have been tested and found to be functional. Refer to the documentation indevice_address-B 10 -pimage/usr/share/doc/packages/obexftp.
If you have installed the bluez-hcidump package, you can use
hcidump -X to check what is sent between
the
devices. Sometimes the output helps give a hint where the problem is, but
be aware of the fact that it is only partly in “clear text.”
29.2.7. For More Information¶
Some additional (last-minute) documentation can be found in
/usr/share/doc/packages/bluez-utils/ (German and
English versions available).
An extensive overview of various instructions for the use and configuration of Bluetooth is available at http://www.holtmann.org/linux/bluetooth/. Other useful information and instructions:
Official HOWTO of the Bluetooth protocol stack integrated in the kernel: http://bluez.sourceforge.net/howto/index.html
Connection to PalmOS PDA: http://www.cs.ucl.ac.uk/staff/s.zachariadis/btpalmlinux.html
29.3. Infrared Data Transmission¶
IrDA (Infrared Data Association) is an industry standard for wireless communication with infrared light. Many laptops sold today are equipped with an IrDA-compatible transceiver that enables communication with other devices, such as printers, modems, LANs, or other laptops. The transfer speed ranges from 2400 bps to 4 Mbps.
There are two IrDA operation modes. The standard mode, SIR, accesses the infrared port through a serial interface. This mode works on almost all systems and is sufficient for most requirements. The faster mode, FIR, requires a special driver for the IrDA chip. Not all chip types are supported in FIR mode because of a lack of appropriate drivers. Set the desired IrDA mode in the BIOS of your computer. The BIOS also shows which serial interface is used in SIR mode.
Find information about IrDA in the IrDA how-to by Werner Heuser at http://tuxmobil.org/Infrared-HOWTO/Infrared-HOWTO.html. Additionally, refer to the Web site of the Linux IrDA Project at http://irda.sourceforge.net.
29.3.1. Software¶
The necessary kernel modules are included in the kernel package. The package
irda provides the necessary helper
applications for supporting the infrared interface. Find the documentation
at /usr/share/doc/packages/irda/README after the
installation of the package.
29.3.2. Configuration¶
The IrDA system service is not started automatically when the system is booted. Use the YaST IrDA module for activation. Only one setting can be modified in this module: the serial interface of the infrared device. The test window shows two outputs. One is the output of irdadump, which logs all sent and received IrDA packets. This output should contain the name of the computer and the names of all infrared devices in transmission range. An example for these messages is shown in Section 29.3.4, “Troubleshooting”. All devices to which an IrDA connection exists are listed in the lower part of the window.
IrDA consumes a considerable amount of battery power, because a discovery
packet is sent every few seconds to detect other
peripheral devices. Therefore, IrDA should only be started when
necessary if you depend on battery power. Enter the command
rcirda start to activate
it or rcirda stop to
deactivate it. All needed kernel modules
are loaded automatically when the
interface is activated.
If preferred, configure manually in the file
/etc/sysconfig/irda. This file contains
only one variable, IRDA_PORT, which determines
the interface to use in SIR mode.
29.3.3. Usage¶
Data can be sent to the device file /dev/irlpt0
for printing. The device file /dev/irlpt0 acts just
like the normal /dev/lp0 cabled interface, except the
printing data is sent wirelessly with infrared light.
For printing, make sure that the printer is in visual
range of the computer's infrared interface
and the infrared support is started.
A printer that is operated over the infrared interface can be configured
with the YaST printer module.
The printer is not detected automatically and you have to
configure it manually doing the following:
Click
+. Select and click
to configure the printer device. Usually,
irlpt0 is the right connection. Click
to apply your settings. Details about operating
printers in Linux are available in Chapter 20, Printer Operation.
Communication with other hosts and with mobile phones or other similar
devices is conducted through the device file
/dev/ircomm0. The Siemens S25 and Nokia 6210
mobile phones, for example, can dial and connect to the Internet with the
wvdial application using the infrared interface.
Synchronizing data with a Palm Pilot is also possible, provided the
device setting of the corresponding application has been set to
/dev/ircomm0.
If you want, you can address only devices that support the printer or IrCOMM protocols. Devices that support the IROBEX protocol, such as the 3Com Palm Pilot, can be accessed with special applications, like irobexpalm and irobexreceive. Refer to the IR-HOWTO (http://tldp.org/HOWTO/Infrared-HOWTO/) for information. The protocols supported by the device are listed in brackets after the name of the device in the output of irdadump. IrLAN protocol support is still a “work in progress.”
29.3.4. Troubleshooting¶
If devices connected to the infrared port do not respond, use the command
irdadump (as root) to
check if the other device is recognized by the computer. Something similar
to Example 29.1, “Output of irdadump” appears regularly when a Canon BJC-80 printer
is in visible range of the computer:
Example 29.1. Output of irdadump¶
21:41:38.435239 xid:cmd 5b62bed5 > ffffffff S=6 s=0 (14)
21:41:38.525167 xid:cmd 5b62bed5 > ffffffff S=6 s=1 (14)
21:41:38.615159 xid:cmd 5b62bed5 > ffffffff S=6 s=2 (14)
21:41:38.705178 xid:cmd 5b62bed5 > ffffffff S=6 s=3 (14)
21:41:38.795198 xid:cmd 5b62bed5 > ffffffff S=6 s=4 (14)
21:41:38.885163 xid:cmd 5b62bed5 > ffffffff S=6 s=5 (14)
21:41:38.965133 xid:rsp 5b62bed5 < 6cac38dc S=6 s=5 BJC-80
hint=8804 [Printer IrCOMM ] (23)
21:41:38.975176 xid:cmd 5b62bed5 > ffffffff S=6 s=* earth
hint=0500 [ PnP Computer ] (21)Check the configuration of the interface if there is no output or
the other device does not reply. Verify that the correct interface is used.
The infrared interface is sometimes located at
/dev/ttyS2 or at /dev/ttyS3 and
an interrupt other than IRQ 3 is sometimes used. These settings can be
checked and modified in the BIOS setup menu of almost every laptop.
A simple video camera can also help in determining whether the infrared LED lights up at all. Most video cameras can see infrared light; the human eye cannot.
29.4. Managing UMTS/3G Network Connections¶
Universal Mobile Telecommunications System (UMTS), also known as 3G, is a cell phone technology which can offer several multimedia services such as browsing the Web or sending and receiving messages. UMTS cards that are available as PCMCIA cards or Express Cards can be connected to your computer or laptop, and in combination with a SIM (Subscriber Identity Module) card, use the UMTS network to connect your machine with an Internet provider.
To use the UMTS module included in SUSE Linux Enterprise®, you need to install
the umtsmon package that is not
installed by default. It contains the software to control your UMTS (or
GPRS/EDGE) card. With the UMTSmon application, you can then control the
network connection. After the network connection has been established, use a
Web browser of your choice to surf the Internet.
After you have installed the umtsmon package and have connected your UMTS card to the
computer, make sure that the smpppd service is running: Start YaST,
select + and check the status of . If smpppd is
not enabled yet, click . After you have received a
confirmation message, leave the module with .
Now start UMTSmon from the main menu or press Alt+F2 and enter umtsmon. You are usually prompted to enter your SIM card's PIN before the UMTSmon main window appears.
If you do not want to enter your PIN each time, you can also disable the PIN protection for your card. To do so, select + and enter your PIN to confirm. If you need or want to change the PIN, select +.
29.4.1. Configuring UMTSmon¶
Before you can connect to a network, check and configure your network settings in UMTSmon. To define the network operator, select +. To search for available networks, click . After the search has been performed, select your operator from the list and click .
Procedure 29.1. Managing Profiles
You can create different profiles to use in different situations.
From the menu, select .
To create a new profile, click or to change an existing profile, select a profile from the list and click .
Enter the (Access Point Name), and you got from your provider and click .
If you have created several profiles, select one from the list and .
To remove a profile from the list, select it and click .
You can also define or limit the type of connections to be used (UMTS/GSM/GPRS). To do so, select + and change the options according to your wishes. If you disable , these parameters are not automatically refreshed in the UMTSmon main window. In this case, you need to click the icon to show the current parameters.
29.4.2. Monitoring UMTS/3G Network Connections¶
To connect to an existing network, select + or click the icon in the toolbar. After the connection has been established, the UMTSmon main window shows the signal strength and the traffic, depending on the type of card you use. Not all cards are able to monitor the signal strength automatically during an existing network connection.
![[Note]](admon/note.png) | Approximate Total Traffic Values |
|---|---|
Note that the values in the main window are only approximated values and do not necessarily reflect the real values. If you have a contract with your provider based on data volumes transferred, take care not to exceed your volume. | |
To stop the connection, select + or click the icon in the toolbar.
29.4.3. Troubleshooting¶
If you have difficulties establishing a connection or running UMTSmon, proceed according to the following list.
- Is the UMTS card device accessible for the user currently logged in
and does it belong to the
dialoutgroup? UMTS cards connected to your computer are usually listed as
/dev/ttyUSBor as*/dev/noz0.Check the access permissions for those devices with ls -l /dev/ttyUSB* or ls -l /dev/noz0. If
rootis still listed as owner and the device does not belong to thedialoutgroup, set the current user and thedialoutgroup as owner (rootpermission needed) with one of the following commands:chown
user.dialout /dev/ttyUSB* chownuser.dialout /dev/noz0Note that the current user needs to be in the
dialoutgroup to be able to connect to a network. After restarting UMTSmon, the user should now be able to establish a network connection.- Does
/etc/sysconfig/networkcontain a file namedifcfg-raw0? This file is needed to establish a connection with smpppd. If it is not present in
/etc/sysconfig/network, create an empty file withtouch ifcfg-raw0
- You still cannot establish a network connection with UMTSmon?
Run the following commands as
root:touch /etc/sysconfig/network/ifcfg-raw0 rcsmpppd restart
Try to reconnect to a network with UMTSmon. After the connection has been established, check the Kernel IP Routing Table you get with
/sbin/route -n. It should contain an entry such as the following withppp0listed as Iface for Destination0.0.0.0:Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.64.64.64 0.0.0.0 UG 0 0 0 ppp0
29.4.4. For More Information¶
Find further additional (last-minute) documentation about UMTSmon
in your installed system under
/usr/share/doc/packages/umtsmon/README.SUSE