From ebc01c16eb54c0e9ca7365fdf0e8cd0f7fc4ce3e Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Fri, 27 Jan 2023 10:51:51 +0200 Subject: [PATCH] {etc,var/lib/}iwd/: read manual, adjust accordingly --- etc/iwd/main.conf | 10 +++++++++- var/lib/iwd/.gitignore | 3 ++- var/lib/iwd/Helsingfors stads WLAN.open | 2 ++ var/lib/iwd/Helsingin kaupungin WLAN.open | 2 ++ var/lib/iwd/Helsinki City Open WLAN.open | 2 ++ var/lib/iwd/README.md | 6 ++++++ var/lib/iwd/Stadinetti.open | 2 ++ var/lib/iwd/openwireless.org.open | 2 ++ var/lib/iwd/openwireless.org_nomap.open | 2 ++ ...te-wifi-sample.psk => private-cafe-sample.psk} | 10 +++++----- var/lib/iwd/private-home-sample.psk | 15 +++++++++++++++ var/lib/iwd/stadinet.open | 2 ++ 12 files changed, 51 insertions(+), 7 deletions(-) rename var/lib/iwd/{private-wifi-sample.psk => private-cafe-sample.psk} (51%) create mode 100644 var/lib/iwd/private-home-sample.psk diff --git a/etc/iwd/main.conf b/etc/iwd/main.conf index 1c154bff..c0e32f00 100644 --- a/etc/iwd/main.conf +++ b/etc/iwd/main.conf @@ -9,6 +9,14 @@ Country=FI # legacy compatibility, at least on Lumina? use_default_interface=true -# build-in DHCP client +# build-in network configuration including DHCP client EnableNetworkConfiguration=true +# Generate a different spoofed MAC address for every SSID. Some networks +# configured in /var/lib/iwd/ have a new MAC address for every connection. +AddressRandomization=network + +[Network] EnableIPv6=true +# resolvconf/systemd/none. I prefer configuring resolv.conf/unbound by +# myself. +NameResolvingService=none diff --git a/var/lib/iwd/.gitignore b/var/lib/iwd/.gitignore index 5c8e65fe..ac8fb8ed 100644 --- a/var/lib/iwd/.gitignore +++ b/var/lib/iwd/.gitignore @@ -1,3 +1,4 @@ *.psk *.8021x -!private-wifi-sample.psk +!private-cafe-sample.psk +!private-home-sample.psk diff --git a/var/lib/iwd/Helsingfors stads WLAN.open b/var/lib/iwd/Helsingfors stads WLAN.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/Helsingfors stads WLAN.open +++ b/var/lib/iwd/Helsingfors stads WLAN.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/Helsingin kaupungin WLAN.open b/var/lib/iwd/Helsingin kaupungin WLAN.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/Helsingin kaupungin WLAN.open +++ b/var/lib/iwd/Helsingin kaupungin WLAN.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/Helsinki City Open WLAN.open b/var/lib/iwd/Helsinki City Open WLAN.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/Helsinki City Open WLAN.open +++ b/var/lib/iwd/Helsinki City Open WLAN.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/README.md b/var/lib/iwd/README.md index df4caa58..d0568f2d 100644 --- a/var/lib/iwd/README.md +++ b/var/lib/iwd/README.md @@ -11,3 +11,9 @@ Notes: * `Settings.AutoConnect=true` is unnecessary as it defaults to true according to `man iwd.network`. * `IPv6.Enabled=true` defauls to true being also unnecessary. +* `private-home-sample.psk` has a comment on MAC address override and sends + hostname with IPv4 DHCP. `private-cafe-sample.psk` always randomizes MAC + address and doesn't send hostname. +* The `.open` networks always randomize MAC address too. If a network is + private and needs MAC address for captive portal override or something, + `private-home-sample.psk` should be adjusted from. diff --git a/var/lib/iwd/Stadinetti.open b/var/lib/iwd/Stadinetti.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/Stadinetti.open +++ b/var/lib/iwd/Stadinetti.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/openwireless.org.open b/var/lib/iwd/openwireless.org.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/openwireless.org.open +++ b/var/lib/iwd/openwireless.org.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/openwireless.org_nomap.open b/var/lib/iwd/openwireless.org_nomap.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/openwireless.org_nomap.open +++ b/var/lib/iwd/openwireless.org_nomap.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true diff --git a/var/lib/iwd/private-wifi-sample.psk b/var/lib/iwd/private-cafe-sample.psk similarity index 51% rename from var/lib/iwd/private-wifi-sample.psk rename to var/lib/iwd/private-cafe-sample.psk index 145bff5d..9ed2c7c9 100644 --- a/var/lib/iwd/private-wifi-sample.psk +++ b/var/lib/iwd/private-cafe-sample.psk @@ -1,9 +1,9 @@ -# This SSID is "private-wifi-sample", it comes from the filename +# This SSID is "private-cafe-sample", it comes from the filename [Settings] -AutoConnect=true - -[IPv6] -Enabled=true +AlwaysRandomizeAddress=true [Security] Passphrase=MySuperSecretPassphraseThatDoesNotReadHere + +[IPv6] +Enabled=true diff --git a/var/lib/iwd/private-home-sample.psk b/var/lib/iwd/private-home-sample.psk new file mode 100644 index 00000000..95650431 --- /dev/null +++ b/var/lib/iwd/private-home-sample.psk @@ -0,0 +1,15 @@ +# This SSID is "private-home-sample", it comes from the filename +[Settings] +AutoConnect=true +# MAC address override. Takes priority over AlwaysRandomizeAddress +#AddressOverride= + +[Security] +Passphrase=MySuperSecretPassphraseThatDoesNotReadHere + +[IPv4] +# In home network recognising the device may be a quality of life feature +SendHostname=true + +[IPv6] +Enabled=true diff --git a/var/lib/iwd/stadinet.open b/var/lib/iwd/stadinet.open index e69de29b..20c87175 100644 --- a/var/lib/iwd/stadinet.open +++ b/var/lib/iwd/stadinet.open @@ -0,0 +1,2 @@ +[Settings] +AlwaysRandomizeAddress=true