A Wireless Wirehead

I forget how many Ethernet cards my wife and I have gone through. It’s not like we’re a pair of klutzes, it’s more a case that we have laptops and we like to use the laptops in places other than the computer room. This either necessitates Wireless Ethernet or cables running over the place. Since cables are cheap and good Wireless hardware isn’t, we opted for the cables.

The former sysadmin at work told me that I should use those RealPort cards that have no pigtail. I’m thinking “Sure, then I’ll trip over the cable and send the laptop tumbling.”

I did that once, even with just a pigtail. That was my old Epson that gave me 5 years of dedicated service before kicking the bucket.

So lately, we broke the last card. We both decided that it just wasn’t economical to keep buying cards, especially when I’ve really wanted Wireless Ethernet for a while.

So I went to the lowest price on Pricewatch and picked up some hardware. While I was at it, because it came to $499 and I needed $500 to get the free shipping, I elected to get another Ethernet card because my wife’s old P200 was to be turned into a firewall.

I didn’t quite realize this, but my Orinoco AP-500 access point requires an IP address to work. I also realized that once I have the new Ethernet card, all I needed to do was open up the computer graveyard and pull out the two biggest drives that worked.

So this weekend, I unveiled Crucible, the Firewall. It’s named Crucible because it’s a FIREwall, and the Crucible in Berkley is most definitely about FIRE.

I didn’t realize this before, but Unix and OpenBSD in particular are very thoughtfully designed. I installed OpenBSD over the internet. The documentation isn’t stellar, but it’s there and it does happen to give you just enough information, if you are smart enough to be in the currently intended audience for OpenBSD.

I spent far too much time acting like Jerry Pournelle, tweaking this thing or that thing, to make things working. I think I was incorrectly configuring the access point and having other issues. I picked up the fourth cheapest or so hub from Frys (Previously, I had the access point plugged directly into an Ethernet card. Economical, but bad for debugging problems)

Once I finished tweaking the configuration, I noticed something REALLY cool about OpenBSD (FreeBSD does this, too). They have this thing called the Ports tree. It’s everything you’d really want to install, all packaged up so you find where it is in the directory in the ports tree, type “make install” and then it will download, compile, and install the package for you. Very nice.

The AP-500 has features that appeal greatly to the geek in me and probably would just annoy your average user. Like MAC control, for example. I can deny specific MAC addresses on the server.

I know that I’m not the only person on the block with an access point. Your average business doesn’t bother to secure their AP, as those people with Airsnort have discovered. There’s at least two neighbors who have the popular linksys access points that haven’t been passworded or anything.

But it’s really nice to be able to sit wherever and use the laptops. It’s also nice how I can just ssh and vnc from my windows desktop into Crucible instead of actually having to sit on the floor where Crucible sits.