Depperte Wappler! (or: how to convince a WAP11 v2.8 to do SNMP)

about
- me
- site
brainfarts
interests
- anti
- au
- comp
- crypto
- debian
- flying
- humour
- tinkering
- usenet
mystuff
- kuvert
still-not-king

The expletive (in Austrian German) applies to the Linksys people, who managed to castrate the WAP11 access point in its version 2.8 but good:

the web i/f is minimal, doesn't allow you to set a fair number of things which are security-relevant and so on. At least it does syslog (in the same crappy format as the old DWL-900AP+ v1)...

Andrew Hakman has a load of useful info on the WAP11s, but mostly for the earlier models up to v2.2, as do the guys from Seattle Wireless. Most public info seems to indicate that the v2.8 does not do SNMP at all. Which is, fortunately, not true.

A quick nmap run confirms that 161 udp is open, and a default snmpwalk with community "public" returns

SNMPv2-MIB::sysDescr.0 = STRING: AP8628 ver 1.0.0
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.15177.1
SNMPv2-MIB::sysUpTime.0 = Timeticks: (33922008) 3 days, 22:13:40.08
SNMPv2-MIB::sysContact.0 = STRING: support@admtek.com.tw
SNMPv2-MIB::sysName.0 = STRING: ADMtek AP8628-001
SNMPv2-MIB::sysLocation.0 = STRING: ADMtek Inc., Hsin-chu, Taiwan

So it's a AP8628-001 by ADMtek, now Infineon, who don't hand out any MIB info. The thing does not support the interface MIB which sucks. Grovelling through enterprises.* returns all kinds of stuff, MAC addresses and so on. IANA says 15177 belongs to ADMtek, but I couldn't find a working MIB for 15177.

However, the WAP11 also spews out stuff under enterprises.410 which is ATMEL's OID...and there is a functional MIB available for this. (Interestingly enough, there's also indications that the board is an EUMITCOM one: the sysdescription in enterprises.410 says so. Also interesting: some of the ATMEL MIB maps cleanly onto the 15177 OID space.)

The ATMEL MIB has a reasonable amount of comments in it, which eventually lets one find the only way to change the communities from public/private to something better (yes, the web i/f doesn't mention snmp anywhere and snmp defaults to on...idiots!): snmpset -v 2c -c private yourmachine enterprises.410.1.1.9.1.0 s yournewcommunity

This is for the user community, ...1.1.9.2.0 is the admin community. Note that the same OID in the 15177 enterprise works as well - weird. Neither show up in a snmpget, nor do any wep keys, and the SSID broadcast setting is also not correct/visible.

Having set the communities, one would like to get stats info from the sucker into mrtg. The lack of support for the interface MIB makes this fun to achieve. The assholes stuffed all the useful info as packed sets of little-endian integers into various OIDs...at least the MIB documents the sequences, if not the endianness. Also the wireless side has only packet statistics, no byte counters; the ethernet side has both. (Why oh why did they mess this up so badly?)

Anyway, mrtg supports data conversion filters in Perl so after getting all that info together it's straightforward to say this in mrtg.cfg

LoadMibs: /usr/share/snmp/mibs/AT76C510.mib
ConversionCode: /usr/local/lib/mrtg/wap11convert.pl

Target[myap]: EthRxStatistics.0&EthTxStatistics.0:mycommunity@myap|gimmefirstint

with wap11convert.pl including

sub gimmefirstint
{
    my ($input)=@_;
    return unpack("V",$input);
}

(Or you can try the ap-utils software package, which sucks, documentation-wise as well as functionally: it only hands out packet counts without saying so anywhere.)

Why did I buy the WAP11? Because I needed a cheap replacement for my fried DWL900AP+, and in the end I got that (plus the WAP11 doesn't destroy ARP packets like the 900 did).

[ published on Mon 27.02.2006 15:44 | filed in interests/comp | ]