shell-things/etc/iwd/main.conf

54 lines
2.4 KiB
Plaintext
Raw Normal View History

2023-01-06 13:50:14 +01:00
[General]
# Request setting regulatory domain (ISO-Alpha-2). Check with `iw reg get`.
# Location-Aided Routing (LAR) or self-managed devices will just set
# the country by nearby APs which again don't expose that configuration to
# their administrator in that great detail resulting to devices within the EU
# advertising country DE.
# To check/refresh regdomain, `iw wlan0 scan | grep -E "SSID:|Country:"`
Country=FI
# Stop iwd from destroying and recreating the interface. I think I am having
# stability issues with systemd-networkd if I have to restart anything
# networking related by hand, which seems to be mitigated by this.
use_default_interface=true
# Build-in network configuration including DHCP client (and server when
# tethering), true if not using systemd-networkd!
#EnableNetworkConfiguration=false
# NOTE! Disable this in case of trouble connecting to network entirely, e.g.
# REALTEK devices!
#AddressRandomization=disabled
# Generate a different spoofed MAC address for every SSID. Some networks
# configured in /var/lib/iwd/ have a new MAC address for every connection.
AddressRandomization=network
# Randomize only 3 last octets of MAC. Reveals the manufacturer, but doesn't
# set the locally administered bit. However the range is 00:00:01 to 00:00:FE
# (254 possible addresses!)
# Helsinki City WLAN (and variations) doesn't seem to like "full" (default)
AddressRandomizationRange=nic
# Always require management frame protection. May break things especially with
# legacy networks and hardware! Switch to 1 (default) for only when supported
# by both sides (downgrade attack possible?).
ManagementFrameProtection=2
# It must be 1 for Lumina (ThinkPad T470) and MikroTik Chateau 5G to accept
# each other, otherwise fallback to open guest network happens.
#ManagementFrameProtection=1
# INSECURE NEVER USING MANAGEMENT FRAME PROTECTION!
#ManagementFrameProtection=0
[Network]
2023-01-06 13:50:14 +01:00
EnableIPv6=true
# My /etc/resolf.conf is generally ::1 127.0.0.1 127.0.0.53 and I am not
# entirely opposed to local servers. The two first are unbound, the third/this
# systemd-resolved. NOTE! Must be used in conjunction with
# EnableNetworkConfiguration!
#NameResolvingService=systemd
#NameResolvingService=none
# Default 300, lower preferred by system. Useful when WiFi is known faster
# than ethernet like having 10 Mbps switch from time before the building had
# anything faster than DSL...
#RoutePriorityOffset=0