HOWTO Whereami
Originally by Reid Gilman
goodstuff AT blueplazma DOT org
8/4/2005
1) What is Whereami?
Whereami is a very useful little program that "automatically configures your system during boot and whenever a PCMCIA network card is inserted or removed." It can be used to switch settings and is very useful on laptops that move from trusted networks to untrusted networks.
This HOWTO will cover setting up a laptop to differentiate a wired, wireless, and un-trusted wireless network. We will assume that this laptop is normally on a public, unsecured wireless network, but is also used on a home wireless network (which is also unsecured), as well as a home wired network. eth0 will be an ethernet card, and eth1 will be a wireless card. This HOWTO was tested on Ubuntu Hoary running on a Dell Inspiron 8600 with an Intel IPW2200(b/g).
2) Where do I get Whereami?
There are a few ways to get Whereami. I did this install on Ubuntu, so I used apt-get. On Ubuntu, simply
Code:
sudo apt-get install whereami
For other distros, visit the download page.
3) How do I configure Whereami?
Whereami configuration involves two main files: /etc/whereami/detect.conf and /etc/whereami/whereami.conf. From now on, if I refer to one of these files, I mean for it to be prefaced by /etc/whereami. Thus, if I say, "Edit whereami.conf..." I mean "Edit /etc/whereami/whereami.conf". To begin setting up Whereami, cd into the whereami directory from a terminal. 1) detect.conf
detect.conf is the first of the two extremely important files to make whereami function. This file does what it sounds like: it detects on which network you are using a variety of tests. Ubuntu gives you an example detect.conf; I recommend moving it to detect.conf.default and opening a new version like so
Code:
sudo mv detect.conf detect.conf.default && sudo gedit detect.conf
You should now have a nice shiny gedit window with nothing in it. You should set a "default" location. For our purposes, it will be "wireless". Enter the line into your new detect.conf file.
The next test is to determine if there is an ethernet cable plugged in or not, since that can rule out one possible configuration. We will use the testmii command to do so. testmii needs two arguements. The first is an interface to test, the second a network to enable should it find an ethernet cable. Since it is looking for an ethernet cable, it will enable the wired network if it finds one. eth0 is our ethernet card, so enter this line to check for an ethernet cable plugged into eth0
Now let's tell Whereami what to do if an ethernet cable is plugged in.
Code:
if lan
set INTERFACE eth0
testdhcp 192.168.1.0/24 home-wired
testdhcp '*.*.*.*' wired
notat down
else
notat wired,home-wired
always set INTERFACE eth1
always testap scan wlan
fi
So, what does all that mean? Some of it is plain old shell-scripting, but some is not. "set INTERFACE eth0" tells whereami to perform the following tests on the interface eth0. testdhcp tells whereami to test for a DHCP assigned IP address on the interface and activate the selected network if it finds one. "notat down" simply tells Whereami that we have some type of network, since down is going to be our selection when there is absolutely no connectivity. The last command of interest is "testap scan wlan". If you haven't guessed yet, this command simply scans for a wireless AP within range and activate the wlan network when it finds one.
Now, we must determine if we are on our trusted wireless network or not.
Code:
if wlan
testssid MyHomeNetwork home-wireless
testap scan wlan wireless
always notat wlan
fi
"testssid MyHomeNetwork home-wireless" is our final test. If it finds an SSID for our trusted network, then it turns on the home-wireless network. Otherwise, it assumes we have an unknown network. It shuts off wlan because wlan is just a name to avoid conflict in if statements.
2) whereami.conf
Now that we know which network we are at, we need to tell Whereami to do something about it. whereami.conf does this, and is much more straightforward and self-explanatory than is detect.conf.
Here is the first section of our whereami.conf.
Code:
=rm /etc/network/interfaces.old
+home-wired /etc/init.d/networking restart
+home-wired /etc/init.d/firestarter restart
+home-wired setresolver search <put in your settings here>
There are really three things that need explanation here. First is the equals sign (=), which means to always perform the command, regardless of which network we were on before. The plus (+) means to perform this command only if we were not on this network before, and the minus (-) means to perform this command only if we were on this network before, but are NOT anymore. See the documentation for specifics. Also, please consider writing small firewall scripts to replace firestarter if you can. It will give you much better control over your firewall at different locations. I have done this, and have an /etc/init.d/trusted-network-firewall and /etc/init.d/untrusted-network-firewall script set up. That is beyond this HOWTO, but worth considering. Otherwise, the default firestarter setup should be fine for you.
4) How do I make this all work now?
Whereami should work on reboot, or by running the initscript (/etc/init.d/whereami). I found that this works well for me. I hope it works well for you too. These settings can be kind of difficult, but I found the included documentation to be very sparse, so I hope that this example will help you a bit to get off the ground. Obviously, whereami can be used for very complex networks including WEP and WPA, but most people do not need an extremely complex setup.
Bookmarks