summaryrefslogtreecommitdiff
path: root/README
blob: bfb246abdfb17ab7578b4ce06445d37615b46b70 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
Connection Manager
******************

Copyright (C) 2007-2012  Intel Corporation. All rights reserved.


Functionality and features
==========================

The following features are built-in into Connection Manager:
	- Generic plugin infrastructure
	- Device and network abstraction (with basic storage support)
	- IPv4, IPv4-LL (link-local) and DHCP
	- IPv6, DHCPv6 and 6to4 tunnels
	- Advanced routing and DNS configuration
	- Built-in DNS proxy and intelligent caching
	- Built-in WISPr hotspot logins and portal detection
	- Time and timezone configuration (manual and automatic with NTP)
	- Proxy handling (manual and automatic with WPAD)
	- Tethering support (USB, Bluetooth and WiFi AP mode)
	- Detailed statistics handling (home and roaming)

Various plugins can be enabled for networking support:
	- Ethernet plugin
	- WiFi plugin with WEP40/WEP128 and WPA/WPA2 (personal and enterprise)
	- Bluetooth plugin (using BlueZ)
	- 2G/3G/4G plugin (using oFono)

Also plugins with additional features are available:
	- Loopback interface setup
	- PACrunner proxy handling
	- PolicyKit authorization support

Note that when ConnMan starts, it clears all network interfaces that are
going to be used. If this is not desired, network interfaces can be ignored
either by setting NetworkInterfaceBlacklist in the main.conf config file or
by using the -I command line option.


Compilation and installation
============================

In order to compile Connection Manager you need following software packages:
	- GCC compiler
	- GLib library
	- D-Bus library
	- IP-Tables library
	- GnuTLS library (optional)
	- PolicyKit (optional)
	- readline (command line client)

To configure run:
	./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var

Configure automatically searches for all required components and packages.

To compile and install run:
	make && make install


Configuration and options
=========================

For a working system, certain configuration options need to be enabled:

	--disable-ethernet

		Disable support for Ethernet network cards

		By default Ethernet technology support is built-in and
		enabled. This option can be used to build a small daemon
		for a specific system if Ethernet support is not required.

	--disable-wifi

		Disable support for WiFi devices

		By default WiFi technology support is built-in and
		enabled. This option can be used to build a small daemon
		for a specific system if WiFi support is not required.

		It is safe to build a daemon with WiFi support and no
		running wpa_supplicant. The start of wpa_supplicant is
		automatically detected and only a runtime dependency. It
		is not needed to build ConnMan.

	--disable-bluetooth

		Disable support for Bluetooth devices

		By default Bluetooth technology support is built-in and
		enabled. This option can be used to build a small daemon
		for a specific system if Bluetooth support is not required.

		It is safe to build a daemon with Bluetooth support and no
		running bluetoothd. The start of bluetoothd is automatically
		detected and only a runtime dependency. It is not needed to
		build ConnMan.

	--disable-ofono

		Disable support for cellular 2G/3G/4G devices

		By default oFono technology support is built-in and
		enabled. This option can be used to build a small daemon
		for a specific system where oFono is not used.

		It is safe to build a daemon with oFono support and no
		running ofonod. That start of ofonod is automatically
		detected and only a runtime dependency. It is not needed to
		build ConnMan.

	--disable-dundee

		Disable support for Bluetooth DUN devices

		By default Bluetooth DUN technology (dundee) support is
		built-in and enabled. This option can be used to build a
		small daemon for a specific system where dundee is not used.

		It is safe to build a daemon with dundee support and no
		running dundee. That start of dundee is automatically
		detected and only a runtime dependency. It is not needed to
		build ConnMan.

	--disable-pacrunner

		Disable support for PACrunner proxy handling

		By default PACrunner support is built-in and enabled. This
		option can be used to build a small daemon for a specific
		system where PACrunner is not used.

		It is safe to build a daemon with PACrunner support and no
		pacrunner daemon. It will detect and start a PACrunner
		process if needed at runtime. The presence is not needed
		to build ConnMan.

	--disable-loopback

		Disable setup of loopback device

		For distributions with a really minimal init system and no
		networking scripts this can take care of setting up the
		loopback device and enabling it.

		It is safe to leave this selected even if networking
		scripts are in place. It detects an already configured
		loopback device and leaves it as it is.

	--disable-wispr

		Disable support for WISPr hotspot logins

		For systems with really minimal memory requirements, this
		will disable the support for WISPr hotspot logins. The code
		for WISPr will be still compiled into the daemon, but its
		requirement on GnuTLS for secure connections will be lifted.

		The missing GnuTLS support shrinks the memory requirements
		by about 30% and for systems that are more stationary and do
		not log into hotspots this might be a better trade off.

		Disabling WISPr support is not disabling the portal detection
		support. A portal will still be detected, but instead of being
		asked for login credentials, the request for a browser session
		will be made through the agent.

	--enable-polkit

		Enable support for PolicyKit authorization

		This allows to check every D-Bus access against a security
		policy and so restrict access to certain functionality.

	--enable-nmcompat

		Enable support for NetworkManager compatibility interfaces

		This allows to expose a minimal set of NetworkManager
		interfaces. It is useful for systems with applications
		written to use NetworkManager to detect online/offline
		status and have not yet been converted to use ConnMan.

	--disable-client

		Disable support for the command line client

		By default the command line client is enabled and uses the
		readline library. For specific systems where ConnMan is
		configured by other means, the command line client can be
		disabled and the dependency on readline is removed.

	--enable-selinux

		Enable support for compiling SElinux type enforcement rules

		The TE rules are needed if host environment is in enforcing
		mode. Without this option, the VPN client process cannot
		send notification to connman-vpnd via net.connman.Task
		interface. The compiled connman-task.pp module needs to
		also installed using this command
			# semodule -i connman-task.pp
		in order to enable the dbus access.


Activating debugging
====================

One can activate debugging prints in ConnMan using -d command line option.
If the -d option has no parameters, then debugging is activated for all
source code files. If the -d option has parameters, they tell which source
code files have debugging activated. One can use wild cards in file names.
Example:
    -d                   Activate all normal debug prints
    -d src/service.c     This prints debugging info from src/service.c
                         file only
    -d src/network.c:src/ipconfig.c
                         This activates debug prints in src/network.c
                         and src/ipconfig.c files.
    -d 'src/n*.c'        This would activate debug print from all the C source
                         files starting with letter 'n' in src directory.
                         Note the quotation marks around option, that is to
                         prevent shell expansion.
    -d '*/n*.c:*/i*.c'   Activate debug prints for all C source files starting
                         with letters 'n' or 'i' in any sub-directory.

Some components of ConnMan have environment variable activated debug prints.
If the environment variable is set, then corresponding component will print
some extra debugging information.
Following environment variables can be used:
    CONNMAN_DHCP_DEBUG        DHCPv4 related debug information
    CONNMAN_DHCPV6_DEBUG      DHCPv6 related debug information
    CONNMAN_IPTABLES_DEBUG    Extra information when iptables is used
    CONNMAN_RESOLV_DEBUG      Name resolver debug prints. These debug prints
                              are used when ConnMan resolves host names for
                              its own use.
                              Note that the DNS proxy debug prints do not
                              use this environment variable. For that, one
                              can use "-d src/dnsproxy.c" command line option.
    CONNMAN_SUPPLICANT_DEBUG  Debugging prints for communication between
                              connmand and wpa_supplicant processes.
    CONNMAN_WEB_DEBUG         Debug information when ConnMan does Internet
                              connectivity check in Wispr and 6to4 components.

Example:
    CONNMAN_WEB_DEBUG=1 src/connmand -n


Kernel configuration
====================

In order to support tethering, the following kernel configuration options
need to be enabled either as modules (m) or builtin (y):

CONFIG_BRIDGE
CONFIG_IP_NF_TARGET_MASQUERADE

In order to enable CONFIG_IP_NF_TARGET_MASQUERADE, the following options need
to be enabled also as modules (m) or builtin (y):

CONFIG_NETFILTER
CONFIG_NF_CONNTRACK_IPV4
CONFIG_NF_NAT_IPV4


wpa_supplicant configuration
============================

In order to get wpa_supplicant and Connection Manager working properly
together you should edit wpa_supplicant .config file and set:

CONFIG_WPS=y
CONFIG_AP=y
CONFIG_CTRL_IFACE_DBUS_NEW=y

and, add:

CONFIG_BGSCAN_SIMPLE=y

This last option will enable the support of background scanning while being
connected, which is necessary when roaming on wifi.

It is recommended to use wpa_supplicant 0.8.x or 1.x or later.


VPN
===

In order to compile pptp and l2tp VPN plugins, you need ppp development
package.

To run l2tp you will need
	- xl2tpd, http://www.xelerance.com/services/software/xl2tpd

To run pptp you will need
	- pptp client, http://pptpclient.sourceforge.net

Both l2tp and pptp also need pppd.


OpenVPN
=======

Up to version 2.2 of OpenVPN, pushing additional routes from the
server will not always work. Some of the symptons are that additional
routes will not be set by ConnMan if the uplink is a cellular
network. While the same setup works well for a WiFi or ethernet
uplink.


Information
===========

Mailing list:
	connman@connman.net

For additional information about the project visit ConnMan web site:
	http://www.connman.net