LNS config help

Discussion in 'LnS English Forum' started by NAMOR, Jan 30, 2005.

Thread Status:
Not open for further replies.
  1. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    LNS config help - WiFi Router - WPA-PSK encryption

    Hiya,

    I have a small home wireless network. I'm on cable, using a linksys router (WRT54G) with MAC filtering and and WPA-PSK encrytion enabled. When running the trial version of LNS (with enhanced ruleset) I loose my internet connection after a given amount of time. The log becomes flooded with the entry in the pic below... Any ideas what I'm doing wrong and/or how to fix my situation? I tried to follow the config LNS with routers , but I'm not sure I fully understand the first rule... Where does the address for, "Destination: 01:00:5e:00:00:01 (which is the "all-hosts" group)" come from?

    http://img.photobucket.com/albums/v219/NAMOR/looknstop.jpg

    Regards,
    NAMOR
     
    Last edited by a moderator: Feb 1, 2005
  2. Xyzzy

    Xyzzy Registered Member

    Joined:
    Jan 11, 2005
    Posts:
    67
    Location:
    Poland
    From a very quick peek on Google I can say that they may be reauthentication packets. Just allow them thru LnS.

    X.
     
  3. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Thanks for the quick reply Xyzzy... Any input on how exactly I allow them through LNS? Is there a certain rule I need to create? When I right-click on the notification in the log veiwer I only see what's listed below, which doesn't give ME much information.

    http://img.photobucket.com/albums/v219/NAMOR/looknstop2.jpg
     
  4. JF

    JF LnS Support

    Joined:
    Jan 12, 2003
    Posts:
    294
    Re: LNS config help - WiFi - Router - WPA encryption

    Hello,

    In a Look 'n' Stop Internet filtering standard rule, you can specify the following Ethernet types : IP, ARP, others.

    The 0x888E Ethernet type belongs to the "others" case even if this is a rather wide view.

    You may first try to add a rule authorising Ethernet frames with "Others" type between the Ethernet (MAC) address of the PC and the Ethernet address of the router.

    If this works fine, a next step could be to add a raw rule that only authorizes 0x888E ethernet frames instead of those other than IP and ARP.
    Joint to this post, there is such a raw rule ready to be imported. It requires setting up the raw rule edition plugin: http://www.looknstop.com/En/plugin.htm

    To specify your own MAC address in this raw rule, edit fields 1 and 2 and replace the 01:02:03:04:05:06 and 0A:0B:0C:0D:0E:0F values. Set the Value Display Mode to Hexa - Byte split to display the MAC adress in the useful format.

    I do not have a WiFi Router to experiment this raw rule myself.

    Regards,
    JF
     

    Attached Files:

  5. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Thanks for taking the time to review my situation JF, I really appreciate it... Just one more quick question..
    For fields 1 and 2 do I enter my MAC address for my computer(fields 1 and 2), computer(field 1) and router(field 2), or router(field1) and computer(field 2)? Hope that makes sense... :D

    Again thanks..
     
  6. JF

    JF LnS Support

    Joined:
    Jan 12, 2003
    Posts:
    294
    Hello,

    Field 1 corresponds to the MAC address of the sender.
    (6 bytes offset relative to beginning of Ethernet frame)

    Field 2 corresponds to the MAC address of the receiver.
    (0 bytes offset relative to beginning of Ethernet frame)

    As there are probably such Ethernet frames type 0x888E in both directions, set the Direction to Both and set Field1/Field2 to PC_MAC/Router_MAC or the other way.

    Regards,
    JF
     
  7. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Thanks again JF. :D
     
  8. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Well here is an update. I got a reply from LNS support today saying the following.. Just thought I'd post it.
    Anywho, everything seem to be working fine. Thanks again to JF and Xyzzy for their replies.
     
    Last edited: Feb 4, 2005
Thread Status:
Not open for further replies.