Which SMC AP?
I have one (the 2652, I think, I can check) working with Linux. I configured it initially with their supplied tool, but it's just SNMP, using the ATMEL MIB, so after I figured out what the tool was doing, I can configure it with snmptools.
I won't post the entire mib here, google for it. Here is my trace and notes of a configuration session. I have changed all the keys and such since, so don't sweat that. Note: I think that I didn't specify -s1500 to tcpdump, so the packets below may be truncated, but it should give you an idea.

Authenticating to AP. I give it the Community name and ask for sysDescr and operChannelID. He gives me back the Description and, presumably, the channel id -- if that's what [|snmp] means:

```
21:00:46.961924 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(47) E:410.1.1.1.1.0 E:410.1.2.1.1.0
21:00:46.963696 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(101) E:410.1.1.1.1.0=38_30_32_2e_31_31_20_41_50_20_28_56_65_72_2e_20_31_2e_34_66_2e_34_29_20_4d_69_6e_69_41_50_00_00_00_00_00_00_00_00_00_00_44_db_00_01_be_05_00_00_0c_00_00_00_17_a9_00_01_74 E:410.1.2.1.1=[|snmp]
```

Having authenticated, now I change the ???

```
21:00:46.980040 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(30) E:410.1.2.1.6.0=2
21:00:46.981614 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.2.1.6.0=2
```

Ask for the sysDeviceInfo, operIPAddress, operIPMask, operChannelID:

```
21:00:46.992689 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.1.1.5.0 E:410.1.1.2.1.0 E:410.1.1.2.2.0 E:410.1.1.2.3.0 E:410.1.2.1.1.0[|snmp]
21:00:46.996544 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.1.1.5.0=02_00_00_00_00_04_e2_0e_c1_12_00_01_10_00_00_00_00_00_00_00_45_55_4d_49_54_43_4f_4d_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_41_43_43_45_53_53_20_50_4f_49_4e_54_00
```

Ask for operESSID, privacyWEPEnable, AssociatedSTAsNum, ChannelStatus, operAccessPointName

```
21:00:47.010763 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.2.1.3.0 E:410.1.2.2.5.0 E:410.1.2.5.1.0 E:410.1.2.1.4.0 E:410.1.2.1.10.0[|snmp]
21:00:47.016590 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.1.3.0=57_4c_41_4e_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.5.0=2 E:410.1.2.5.1.0=0
```

Ask for the sysDeviceInfo, operIPAddress, operIPMask, operChannelID:

```
21:01:07.650848 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.1.1.5.0 E:410.1.1.2.1.0 E:410.1.1.2.2.0 E:410.1.1.2.3.0 E:410.1.2.1.1.0[|snmp]
21:01:07.654735 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.1.1.5.0=02_00_00_00_00_04_e2_0e_c1_12_00_01_10_00_00_00_00_00_00_00_45_55_4d_49_54_43_4f_4d_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_41_43_43_45_53_53_20_50_4f_49_4e_54_00
```

Ask for operESSID, privacyWEPEnable, AssociatedSTAsNum, ChannelStatus, operAccessPointName

```
21:01:07.674705 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.2.1.3.0 E:410.1.2.2.5.0 E:410.1.2.5.1.0 E:410.1.2.1.4.0 E:410.1.2.1.10.0[|snmp]
21:01:07.680542 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.1.3.0=57_4c_41_4e_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.5.0=2 E:410.1.2.5.1.0=0
```

Ask for defaultWEPKey[1-3] and privacyDefaultWEPKeyID

```
21:01:32.712264 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.2.2.1.0 E:410.1.2.2.2.0 E:410.1.2.2.3.0 E:410.1.2.2.4.0 E:410.1.2.2.6.0[|snmp]
21:01:32.719241 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.2.1.0=00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.2.0=00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=00_00_00_00_00_00_00
```

Set the WEPKeys (even though I only specified one, it seems to have set the others as well?).

```
21:02:20.413879 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(99) E:410.1.2.2.1.0=25_36_5d_b7_ef_92_82_3f_1e_88_7d_a0_ce E:410.1.2.2.2.0=92_82_3f_1e_88_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=7d_a0_ce_00_00_00_00
21:02:20.420574 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.2.1.0=25_36_5d_b7_ef_92_82_3f_1e_88_7d_a0_ce E:410.1.2.2.2.0=92_82_3f_1e_88_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=7d_a0_ce_00_00_00_00
```

Reboot the AP:

```
21:02:20.429570 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(30) E:410.1.1.1.6.0=1
21:02:20.430878 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.1.1.6.0=1
```

AP reboots

```
21:02:21.628823 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 21:02:21 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 21:02:22 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:02:22 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 21:02:22 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:02:22 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
```

Now it asks for the WEP keys again (presumably, because the application is displaying this screen)

```
21:02:25.701487 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(100) E:410.1.2.2.1.0 E:410.1.2.2.2.0 E:410.1.2.2.3.0 E:410.1.2.2.4.0 E:410.1.2.2.6.0[|snmp]
21:02:25.708553 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.2.1.0=25_36_5d_b7_ef_92_82_3f_1e_88_7d_a0_ce E:410.1.2.2.2.0=92_82_3f_1e_88_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=7d_a0_ce_00_00_00_00
```

And we're setting something else, what's here is the channel, essid len, essid, IP address, and something else that's truncated.

```
21:03:58.875963 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(99) E:410.1.2.1.1.0=11 E:410.1.2.1.2.0=4 E:410.1.2.1.3.0="WLAN" E:410.1.1.2.1.0=[192.168.0.2] .iso.org=[|snmp]
21:03:58.883984 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(99) E:410.1.2.1.1.0=11 E:410.1.2.1.2.0=4 E:410.1.2.1.3.0="WLAN" E:410.1.1.2.1.0=[192.168.0.2] .iso.org=[|snmp]
```

Reboot again:

```
21:03:58.906253 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(30) E:410.1.1.1.6.0=1
21:03:58.907541 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.1.1.6.0=1
```

AP reboots

```
21:03:59.881766 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 21:03:59 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 21:04:00 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:04:00 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 21:04:00 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:04:00 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
```

Now we look at the MAC filters: first the AP tells us that MAC filtering is disabled:

```
21:12:14.085271 > myhostIP.1636 > puck.snmp: C=MiniAP GetRequest(29) E:410.1.2.6.1.0
21:12:14.087058 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.2.6.1.0=2
```

Then we set the first of the MAC filters -- but this is a broadcast address, and I don't know what the first 6 bytes mean.

```
21:12:14.112847 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(41) E:410.1.2.6.2.0=02_00_00_00_01_00_00_00_00_00_00_00
21:12:14.114680 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(41) E:410.1.2.6.2.0=02_00_ff_ff_01_00_ff_ff_ff_ff_ff_ff
```

And do the same thing again:

```
21:12:52.905507 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(41) E:410.1.2.6.2.0=02_00_00_00_01_00_00_00_00_00_00_00
21:12:52.907373 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(41) E:410.1.2.6.2.0=02_00_ff_ff_01_00_ff_ff_ff_ff_ff_ff
```

And then define one, and reboot the AP. This is AuthorizationMacEnable:

```
21:20:48.740921 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(30) E:410.1.2.6.1.0=1
21:20:48.743222 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.2.6.1.0=1
```

This is AuthorizedMac:

```
21:20:48.963713 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(41) E:410.1.2.6.2.0=01_00_01_00_01_00_00_02_2d_0e_c7_a5
21:20:48.973928 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(41) E:410.1.2.6.2.0=01_00_01_00_01_00_00_02_2d_0e_c7_a5
```

Restart:

```
21:20:49.194256 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(30) E:410.1.1.1.6.0=1
21:20:49.195554 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(30) E:410.1.1.1.6.0=1
21:20:50.249189 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 21:20:50 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 21:20:51 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:20:51 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 21:20:51 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 21:20:51 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
```

Here we set the password (AuthorizedAdminPass and AuthorizedManufactPass) and then reboot.

```
22:02:06.431063 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(63) E:410.1.1.9.2.0="password" E:410.1.1.9.3.0="password"
22:02:06.433880 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(63) E:410.1.1.9.2.0="password" E:410.1.1.9.3.0="password"
22:02:07.192025 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 22:02:07 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 22:02:08 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:02:08 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 22:02:08 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:02:08 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
```

Now, with the new password:

```
22:45:19.045483 > myhostIP.1636 > puck.snmp: C=password GetRequest(47) E:410.1.1.1.1.0 E:410.1.2.1.1.0\
22:45:19.047226 B arp who-has myhostIP (0:2:64:6:a1:0) tell puck
22:45:19.047332 > arp reply myhostIP (0:50:bf:75:8:90) is-at 0:50:bf:75:8:90 (0:4:e2:e:c1:12)
22:45:19.047739 < puck.snmp > myhostIP.1636: C=password GetResponse(99) E:410.1.1.1.1.0=38_30_32_2e_31_31_20_41_50_20_28_56_65_72_2e_20_31_2e_34_66_2e_34_29_20_4d_69_6e_69_41_50_00_00_e5_03_00_00_b9_af_01_02_44_db_00_01_bc_05_00_00_0c_00_00_00_17_a9_00_01_74 E:410.1.2=[|snmp]
22:45:19.056114 > myhostIP.1636 > puck.snmp: C=password SetRequest(30) E:410.1.2.1.6.0=2
22:45:19.057696 < puck.snmp > myhostIP.1636: C=password GetResponse(30) E:410.1.2.1.6.0=2
22:45:19.079306 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.1.1.5.0 E:410.1.1.2.1.0 E:410.1.1.2.2.0 E:410.1.1.2.3.0 E:410.1.2.1.1[|snmp]
22:45:19.083180 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.1.1.5.0=02_00_00_00_00_04_e2_0e_c1_12_00_01_10_00_00_00_00_00_00_00_45_55_4d_49_54_43_4f_4d_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_41_43_43_45_53_53_20_50_4f_49_4e
22:45:19.097005 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.2.1.3.0 E:410.1.2.2.5.0 E:410.1.2.5.1.0 E:410.1.2.1.4.0 E:410.1.2.1.10[|snmp]
22:45:19.102888 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.1.3.0=57_4c_41_4e_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.5.0=3 E:410.1.2.5.1.0=[|snmp]
```

We intend to change the wepkey again:

```
22:45:46.511725 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.1.1.5.0 E:410.1.1.2.1.0 E:410.1.1.2.2.0 E:410.1.1.2.3.0 E:410.1.2.1.1[|snmp]
22:45:46.515610 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.1.1.5.0=02_00_00_00_00_04_e2_0e_c1_12_00_01_10_00_00_00_00_00_00_00_45_55_4d_49_54_43_4f_4d_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_41_43_43_45_53_53_20_50_4f_49_4e
22:45:46.544053 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.2.1.3.0 E:410.1.2.2.5.0 E:410.1.2.5.1.0 E:410.1.2.1.4.0 E:410.1.2.1.10[|snmp]
22:45:46.549926 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.1.3.0=57_4c_41_4e_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00 E:410.1.2.2.5.0=3 E:410.1.2.5.1.0=[|snmp]
22:45:53.221938 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.2.2.1.0 E:410.1.2.2.2.0 E:410.1.2.2.3.0 E:410.1.2.2.4.0 E:410.1.2.2.6[|snmp]
22:45:53.228566 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.2.1.0=25_36_5d_b7_ef_92_82_3f_1e_88_7d_a0_ce E:410.1.2.2.2.0=92_82_3f_1e_88_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=7d_a0_ce_00_00
```

And we really change it:

```
22:47:07.351579 > myhostIP.1636 > puck.snmp: C=password SetRequest(97) E:410.1.2.2.1.0=fc_54_d7_f1_dd_ef_00_25_52_10_ae_13_f3 E:410.1.2.2.2.0=fc_54_d7_f1_dd_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=87_2d_9f_00_00
22:47:07.358748 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.2.1.0=fc_54_d7_f1_dd_ef_00_25_52_10_ae_13_f3 E:410.1.2.2.2.0=fc_54_d7_f1_dd_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=87_2d_9f_00_00
22:47:07.365696 > myhostIP.1636 > puck.snmp: C=password SetRequest(30) E:410.1.1.1.6.0=1
22:47:07.366990 < puck.snmp > myhostIP.1636: C=password GetResponse(30) E:410.1.1.1.6.0=1
22:47:07.916889 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 22:47:07 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 22:47:08 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:47:08 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 22:47:08 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:47:08 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
22:47:13.037709 > myhostIP.1636 > puck.snmp: C=password GetRequest(98) E:410.1.2.2.1.0 E:410.1.2.2.2.0 E:410.1.2.2.3.0 E:410.1.2.2.4.0 E:410.1.2.2.6[|snmp]
22:47:13.044753 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.2.1.0=11_7e_bd_3f_9e_fc_54_d7_f1_dd_87_2d_9f E:410.1.2.2.2.0=fc_54_d7_f1_dd_00_00_00_00_00_00_00_00 E:410.1.2.2.3.0=87_2d_9f_00_00
```

Now we change the APname and SSID:

```
22:54:59.749026 > myhostIP.1636 > puck.snmp: C=password SetRequest(97) E:410.1.2.1.1.0=11 E:410.1.2.1.2.0=14 E:410.1.2.1.3.0="AP@myhost" E:410.1.1.2.1=[|snmp]
22:54:59.757138 < puck.snmp > myhostIP.1636: C=password GetResponse(97) E:410.1.2.1.1.0=11 E:410.1.2.1.2.0=14 E:410.1.2.1.3.0="AP@myhost" E:410.1.1.2.1=[|snmp]
22:54:59.778347 > myhostIP.1636 > puck.snmp: C=password SetRequest(30) E:410.1.1.1.6.0=1
22:54:59.779657 < puck.snmp > myhostIP.1636: C=password GetResponse(30) E:410.1.1.1.6.0=1
22:55:00.805589 B 0.0.0.0.snmp-trap > 255.255.255.255.snmp-trap: Trap(26) E:410.1.1 [192.168.0.2] coldStart 0[nothing to parse]
Oct 27 22:55:00 myhost kernel: Packet log: input REJECT eth1 PROTO=17 0.0.0.0:162 255.255.255.255:162 L=69 S=0x00 I=1 F=0x0000 T=64 (#62)
Oct 27 22:55:01 myhost dhcpd: DHCPDISCOVER from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:55:01 myhost dhcpd: DHCPOFFER on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
Oct 27 22:55:01 myhost dhcpd: DHCPREQUEST for 192.168.0.2 from 00:04:e2:0e:c1:12 via eth1
Oct 27 22:55:01 myhost dhcpd: DHCPACK on 192.168.0.2 to 00:04:e2:0e:c1:12 via eth1
```
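The trace above shows SNMPv1 carrying the community string, the WEP keys and the admin password in cleartext. As an added example (not part of the original post), this Python code parses tcpdump lines of that shape, decodes printable OCTET STRINGs, and lists every varbind that exposed a secret value; the OID-to-label mapping follows the poster's notes and is an assumption, and the sample lines are constructed.

```python
import re

# Constructed sample: three lines shaped like the tcpdump output in the post
# (values shortened or replaced with placeholders; not the poster's data).
SAMPLE = """\
21:00:46.963696 < puck.snmp > myhostIP.1636: C=MiniAP GetResponse(101) E:410.1.1.1.1.0=38_30_32_2e_31_31_20_41_50_00_00
21:02:20.413879 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(99) E:410.1.2.2.1.0=aa_bb_cc_dd_ee E:410.1.2.2.2.0=00_00_00_00_00
22:02:06.431063 > myhostIP.1636 > puck.snmp: C=MiniAP SetRequest(63) E:410.1.1.9.2.0="example" E:410.1.1.9.3.0="example"
"""

# OID prefixes (under the enterprise arc tcpdump prints as E:410) that the
# post's notes associate with secrets. Labels follow the post; an assumption.
SENSITIVE = {"410.1.2.2.": "WEP key group", "410.1.1.9.": "admin/manufacturer password"}

LINE = re.compile(r"C=(?P<community>\S+) (?P<pdu>\w+)\(\d+\)(?P<rest>.*)")
VARBIND = re.compile(r'E:(?P<oid>[\d.]+)(?:=(?P<val>"[^"]*"|\S+))?')
HEX = re.compile(r"^[0-9a-f]{2}(?:_[0-9a-f]{2})+$")

def decode(val):
    """Turn tcpdump's aa_bb_cc OCTET STRING rendering into text where printable."""
    if val and HEX.match(val):
        raw = bytes.fromhex(val.replace("_", "")).rstrip(b"\x00")
        if raw and all(32 <= b < 127 for b in raw):
            return raw.decode("ascii")
    return val  # binary (e.g. key bytes), quoted strings and numbers stay as printed

def parse(line):
    """Extract community, PDU type and (oid, value) pairs; None for non-SNMP lines."""
    m = LINE.search(line)
    if not m:
        return None
    binds = [(v["oid"], decode(v["val"])) for v in VARBIND.finditer(m["rest"])]
    return {"community": m["community"], "pdu": m["pdu"], "varbinds": binds}

def audit(text):
    """List (pdu, oid, label, community) for each secret value seen on the wire."""
    findings = []
    for line in text.splitlines():
        pkt = parse(line)
        if not pkt:
            continue
        for oid, val in pkt["varbinds"]:
            for prefix, label in SENSITIVE.items():
                # A GetRequest names the OID without a value; only values count.
                if oid.startswith(prefix) and val is not None:
                    findings.append((pkt["pdu"], oid, label, pkt["community"]))
    return findings
```

Every finding also records the community string, which is itself the only credential SNMPv1 uses and is visible in each packet.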