Google Git
Sign in
nest-open-source / nest-cam / v366 / connman / refs/heads/main / . / README
blob: 0f86bc12c482bcd58bd2fcc7f0c137772d89813f [file] [log] [blame]
Connection Manager
******************
Copyright (C) 2007-2012 Intel Corporation. All rights reserved.
Functionality and features
==========================
The following features are built-in into Connection Manager:
- Generic plugin infrastructure
- Device and network abstraction (with basic storage support)
- IPv4, IPv4-LL (link-local) and DHCP
- IPv6, DHCPv6 and 6to4 tunnels
- Advanced routing and DNS configuration
- Built-in DNS proxy and intelligent caching
- Built-in WISPr hotspot logins and portal detection
- Time and timezone configuration (manual and automatic with NTP)
- Proxy handling (manual and automatic with WPAD)
- Tethering support (USB, Bluetooth and WiFi AP mode)
- Detailed statistics handling (home and roaming)
Various plugins can be enabled for networking support:
- Ethernet plugin
- WiFi plugin with WEP40/WEP128 and WPA/WPA2 (personal and enterprise)
- Bluetooth plugin (using BlueZ)
- 2G/3G/4G plugin (using oFono)
Also plugins with additional features are available:
- Loopback interface setup
- PACrunner proxy handling
- PolicyKit authorization support
Note that when ConnMan starts, it clears all network interfaces that are
going to be used. If this is not desired, network interfaces can be ignored
either by setting NetworkInterfaceBlacklist in the main.conf config file or
by using the -I command line option.
Compilation and installation
============================
In order to compile Connection Manager you need following software packages:
- GCC compiler
- GLib library
- D-Bus library
- IP-Tables library
- GnuTLS library (optional)
- PolicyKit (optional)
- readline (command line client)
To configure run:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
Configure automatically searches for all required components and packages.
To compile and install run:
make && make install
Configuration and options
=========================
For a working system, certain configuration options need to be enabled:
--disable-ethernet
Disable support for Ethernet network cards
By default Ethernet technology support is built-in and
enabled. This option can be used to build a small daemon
for a specific system if Ethernet support is not required.
--disable-wifi
Disable support for WiFi devices
By default WiFi technology support is built-in and
enabled. This option can be used to build a small daemon
for a specific system if WiFi support is not required.
It is safe to build a daemon with WiFi support and no
running wpa_supplicant. The start of wpa_supplicant is
automatically detected and only a runtime dependency. It
is not needed to build ConnMan.
--disable-bluetooth
Disable support for Bluetooth devices
By default Bluetooth technology support is built-in and
enabled. This option can be used to build a small daemon
for a specific system if Bluetooth support is not required.
It is safe to build a daemon with Bluetooth support and no
running bluetoothd. The start of bluetoothd is automatically
detected and only a runtime dependency. It is not needed to
build ConnMan.
--disable-ofono
Disable support for cellular 2G/3G/4G devices
By default oFono technology support is built-in and
enabled. This option can be used to build a small daemon
for a specific system where oFono is not used.
It is safe to build a daemon with oFono support and no
running ofonod. That start of ofonod is automatically
detected and only a runtime dependency. It is not needed to
build ConnMan.
--disable-dundee
Disable support for Bluetooth DUN devices
By default Bluetooth DUN technology (dundee) support is
built-in and enabled. This option can be used to build a
small daemon for a specific system where dundee is not used.
It is safe to build a daemon with dundee support and no
running dundee. That start of dundee is automatically
detected and only a runtime dependency. It is not needed to
build ConnMan.
--disable-pacrunner
Disable support for PACrunner proxy handling
By default PACrunner support is built-in and enabled. This
option can be used to build a small daemon for a specific
system where PACrunner is not used.
It is safe to build a daemon with PACrunner support and no
pacrunner daemon. It will detect and start a PACrunner
process if needed at runtime. The presence is not needed
to build ConnMan.
--disable-loopback
Disable setup of loopback device
For distributions with a really minimal init system and no
networking scripts this can take care of setting up the
loopback device and enabling it.
It is safe to leave this selected even if networking
scripts are in place. It detects an already configured
loopback device and leaves it as it is.
--disable-wispr
Disable support for WISPr hotspot logins
For systems with really minimal memory requirements, this
will disable the support for WISPr hotspot logins. The code
for WISPr will be still compiled into the daemon, but its
requirement on GnuTLS for secure connections will be lifted.
The missing GnuTLS support shrinks the memory requirements
by about 30% and for systems that are more stationary and do
not log into hotspots this might be a better trade off.
Disabling WISPr support is not disabling the portal detection
support. A portal will still be detected, but instead of being
asked for login credentials, the request for a browser session
will be made through the agent.
--enable-polkit
Enable support for PolicyKit authorization
This allows to check every D-Bus access against a security
policy and so restrict access to certain functionality.
--enable-nmcompat
Enable support for NetworkManager compatibility interfaces
This allows to expose a minimal set of NetworkManager
interfaces. It is useful for systems with applications
written to use NetworkManager to detect online/offline
status and have not yet been converted to use ConnMan.
--disable-client
Disable support for the command line client
By default the command line client is enabled and uses the
readline library. For specific systems where ConnMan is
configured by other means, the command line client can be
disabled and the dependency on readline is removed.
--enable-selinux
Enable support for compiling SElinux type enforcement rules
The TE rules are needed if host environment is in enforcing
mode. Without this option, the VPN client process cannot
send notification to connman-vpnd via net.connman.Task
interface. The compiled connman-task.pp module needs to
also installed using this command
# semodule -i connman-task.pp
in order to enable the dbus access.
Kernel configuration
====================
In order to support tethering, the following kernel configuration options
need to be enabled either as modules (m) or builtin (y):
CONFIG_BRIDGE
CONFIG_IP_NF_TARGET_MASQUERADE
In order to enable CONFIG_IP_NF_TARGET_MASQUERADE, the following options need
to be enabled also as modules (m) or builtin (y):
CONFIG_NETFILTER
CONFIG_NF_CONNTRACK_IPV4
CONFIG_NF_NAT_IPV4
wpa_supplicant configuration
============================
In order to get wpa_supplicant and Connection Manager working properly
together you should edit wpa_supplicant .config file and set:
CONFIG_WPS=y
CONFIG_AP=y
CONFIG_CTRL_IFACE_DBUS_NEW=y
and, add:
CONFIG_BGSCAN_SIMPLE=y
This last option will enable the support of background scanning while being
connected, which is necessary when roaming on wifi.
It is recommended to use wpa_supplicant 0.8.x or 1.x or later.
VPN
===
In order to compile pptp and l2tp VPN plugins, you need ppp development
package.
To run l2tp you will need
- xl2tpd, http://www.xelerance.com/services/software/xl2tpd
To run pptp you will need
- pptp client, http://pptpclient.sourceforge.net
Both l2tp and pptp also need pppd.
OpenVPN
=======
Up to version 2.2 of OpenVPN, pushing additional routes from the
server will not always work. Some of the symptons are that additional
routes will not be set by ConnMan if the uplink is a cellular
network. While the same setup works well for a WiFi or ethernet
uplink.
Information
===========
Mailing list:
connman@connman.net
For additional information about the project visit ConnMan web site:
http://www.connman.net