While upgrading my kid’s computer and installing the web proxy and filter (see article titled “SquidGuard Blacklists…“), I ran across a real problem. Wireless would start only after a user logged into their desktop, so the system had no IP address until then. However, without an IP, Dansguardian would fail to start. I tried scripting the problem away, essentially waiting indefinitely until a periodic check showed an IP address in use and then starting the services, but this did not work. I played around with making an init script under /etc/init.d
and using “update-rc.d
” to create the proper sym links. This also did not work. I tried manually defining the wireless network using /etc/network interfaces
and creating a /etc/wpa_supplicant.conf
file. This did not work.
It was then I remembered a server I had built at work, using Ubuntu-9.04, in which I had stripped off all of the GUI/desktop stuff, leaving a bare-bones server instead. It worked fine on the network, and did not have Network Manager installed. Looking in the init script folder under /etc/init.d
, I found a NetworkManager service, so I made it non-executable (“sudo chmod -x /etc/inint.d/NetworkManager
“), and ran “sudo update-rc.d -f NetworkManager remove
” to get rid of the startup links. After that, the wireless network started on boot just fine, with no need for user interaction, and the services for the proxy and filters started flawlessly (I added them into /etc/network/interfaces
).
So, Network Manager was stepping all over /etc/network/interfaces
. Not anymore. I could have removed the package, but other packages will then be removed, and I don’t want that.
For someone having trouble with their manual wireless setup, here are my scrubbed /etc/network/interfaces
and /etc/wpa_supplicant.conf
files:
/etc/network/interfaces
:
auto lo
iface lo inet loopback
auto wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant.conf
# added 10-18-09 for proxy filter
pre-up iptables-restore < /etc/iptables.rules
post-up /usr/local/squid/sbin/squid
post-up /usr/local/dansguardian/sbin/dansguardian
post-down iptables-save -c > /etc/iptables.rules
/etc/wpa_supplicant.conf:
network={
ssid="myssid"
proto=RSN
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
group=CCMP TKIP
psk="my-key-phrase"
}
This is for a WPA2 wireless setup (SSID and passphrase are bogus, of course). Hope this helps someone.
Filed under: HowTo, Kubuntu, Security, wireless | Tagged: blacklist, dansguardian, filter, HowTo, init, interfaces, Kubuntu, networking, proxy, scripts, Security, squid, squidGuard, SSID, troubleshooting, Ubuntu, update-rc.d, wireless, WPA, wpa_supplicant | 1 Comment »