Last active
November 11, 2017 15:16
-
-
Save dfrankland/ad6ccd78dc986011d5fd to your computer and use it in GitHub Desktop.
Connect to a WPA-EAP IEEE8021X Enterprise Wireless Access Point using pfSense.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # More info on wpa_supplicant configuration: | |
| # https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf | |
| # INSIDE PFSENSE DO NOT "ENABLE WPA" ON THE INTERFACE YOU ARE TRYING TO USE BELOW | |
| interface="" # Your wifi interface eg "ath0_wlan0" (DO NOT "ENABLE WPA") | |
| ssid="" # SSID of the AP you're connecting to | |
| identity="" # Your 802.1X Enterprise username | |
| password="" # Your 802.1X Enterprise password | |
| elapsed () { | |
| if [ -z "$date1" ]; then | |
| date1=$( date "+%s" ) | |
| fi | |
| local date2 | |
| local diff | |
| date2=$( date "+%s" ) | |
| diff=$(( date2 - date1 )) | |
| echo "Time Elapsed: $(( diff / 60 )) mintues $(( diff % 60 )) seconds" | |
| echo "" | |
| echo "______________________________" | |
| echo "" | |
| } | |
| findchannel () { | |
| local searchfor | |
| local channel | |
| local freq | |
| ifconfig $interface chanlist 1-255 | |
| channel="" | |
| if [ ${#ssid} -gt 14 ]; then | |
| searchfor="$(echo "$ssid" | awk '{print substr($0, 1, 11)}')..." | |
| else | |
| searchfor="$ssid" | |
| fi | |
| while ( true ) do | |
| clear | |
| elapsed | |
| echo ">>> Finding $ssid's channel" | |
| if [ ${#ssid} -gt 14 ]; then | |
| echo ">>> Using \"$searchfor\" as SSID, because ifconfig truncates SSIDs..." | |
| fi | |
| echo "" | |
| ifconfig $interface list scan | |
| channel="$(ifconfig $interface list scan | grep "$searchfor" | awk '{print $3}')" | |
| if [ -n "$channel" ]; then | |
| ifconfig $interface chanlist "$channel" | |
| freq="$(ifconfig $interface list active | awk '{print $4}')" | |
| sleep 3 | |
| echo "" | |
| echo ">>> $ssid's channel = $channel / frequency = $freq MHz" | |
| sleep 3 | |
| return | |
| fi | |
| sleep 3 | |
| done | |
| } | |
| wpa () { | |
| local conf | |
| conf="/conf/wpa_supplicant.conf" | |
| cat <<EOF > "$conf" | |
| ctrl_interface=/var/run/wpa_supplicant | |
| network={ | |
| ssid="$ssid" | |
| identity="$identity" | |
| password="$password" | |
| scan_ssid=1 | |
| key_mgmt=WPA-EAP IEEE8021X | |
| eap=PEAP | |
| phase1="peaplabel=0" | |
| phase2="auth=MSCHAPV2" | |
| proactive_key_caching=1 | |
| } | |
| EOF | |
| sleep 3 | |
| echo ">>> Starting wpa_supplicant in background" | |
| /usr/sbin/wpa_supplicant -i $interface -c "$conf" -B > /dev/null 2>&1 | |
| sleep 3 | |
| } | |
| main () { | |
| local seconds | |
| local stats | |
| findchannel | |
| wpa | |
| while( true ) do | |
| clear | |
| elapsed | |
| stats="$(wpa_cli status)" | |
| echo "$stats" | |
| if echo "$stats" | grep -q "EAP state=SUCCESS"; then | |
| if [ -z "$seconds" ]; then | |
| seconds=60 | |
| fi | |
| echo "" | |
| echo "______________________________" | |
| echo "" | |
| echo ">>> Waiting for stable connection (~T-$seconds seconds)" | |
| seconds=$(( seconds - 3 )) | |
| if [ "$seconds" -lt 1 ]; then | |
| echo ">>> Connection is stable... Success! :)" | |
| return | |
| fi | |
| fi | |
| sleep 3 | |
| done | |
| } | |
| trap "exit" INT | |
| clear | |
| elapsed | |
| main |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Great work. How to use you script on a pfsense 2.2.4?