wpa_supplicant\wpa_cli 常用命令

万俟铭
2023-12-01

wpa_supplicant常用命令

启动:
wpa_supplicant -Dnl80211 -iwlan0 -c /etc/wpa_supplicant.conf -O /etc/wifi/wpa/sockets/ -dd >/var/wifi_log &
-D 驱动程序名称(可以是多个驱动程序:nl80211,wext)
-i 接口名称
-c 配置文件 
-O ctrl_interface

#wpa_supplicant --help
usage:
  wpa_supplicant [-BddhKLqqtuvW] [-P<pid file>] [-g<global ctrl>] \
        [-G<group>] \
        -i<ifname> -c<config file> [-C<ctrl>] [-D<driver>] [-p<driver_param>] \
        [-b<br_ifname>] [-e<entropy file>] \
        [-o<override driver>] [-O<override ctrl>] \
        [-N -i<ifname> -c<conf> [-C<ctrl>] [-D<driver>] \
        [-p<driver_param>] [-b<br_ifname>] [-I<config file>] ...]
 
drivers:
  nl80211 = Linux nl80211/cfg80211
  wext = Linux wireless extensions (generic)
  hostap = Host AP driver (Intersil Prism2/2.5/3)
  wired = Wired Ethernet driver
options:
  -b = optional bridge interface name
  -B = run daemon in the background
  -c = Configuration file
  -C = ctrl_interface parameter (only used if -c is not)
  -i = interface name
  -I = additional configuration file
  -d = increase debugging verbosity (-dd even more)
  -D = driver name (can be multiple drivers: nl80211,wext)
  -e = entropy file
  -g = global ctrl_interface
  -G = global ctrl_interface group
  -K = include keys (passwords, etc.) in debug output
  -t = include timestamp in debug messages
  -h = show this help text
  -L = show license (BSD)
  -o = override driver parameter for new interfaces
  -O = override ctrl_interface parameter for new interfaces
  -p = driver parameters
  -P = PID file
  -q = decrease debugging verbosity (-qq even less)
  -u = enable DBus control interface
  -v = show version
  -W = wait for a control interface monitor before starting
  -N = start describing new interface
 	

//可以在wpa_supplicant.conf中查看ctrl_interface接口路径(-O)
//查看进程 ps -a |grep wpa

wpa_cli 常用命令

启动:
wpa_cli -i wlan0 -p /etc/wifi/wpa/sockets/
设置日志等级:
wpa_cli -i wlan0 -p /etc/wifi/wpa/sockets/ log_level EXCESSIVE

status [verbose] 	 get current WPA/EAPOL/EAP status
  ifname 	 get current interface name
  ping 	 pings wpa_supplicant
  relog 	 re-open log-file (allow rolling logs)
  note <text> 	 add a note to wpa_supplicant debug log
  mib 	 get MIB variables (dot1x, dot11)
  help [command] 	 show usage help
  interface [ifname] 	 show interfaces/select interface
  level <debug level> 	 change debug level
  license 	 show full wpa_cli license
  quit 	 exit wpa_cli
  set 	 set variables (shows list of variables when run without arguments)
  dump 	 dump config variables
  get <name> 	 get information
  driver_flags 	 list driver flags
  logon 	 IEEE 802.1X EAPOL state machine logon
  logoff 	 IEEE 802.1X EAPOL state machine logoff
  pmksa 	 show PMKSA cache
  pmksa_flush 	 flush PMKSA cache entries
  reassociate 	 force reassociation
  reattach 	 force reassociation back to the same BSS
  preauthenticate <BSSID> 	 force preauthentication
  identity <network id> <identity> 	 configure identity for an SSID
  password <network id> <password> 	 configure password for an SSID
  new_password <network id> <password> 	 change password for an SSID
  pin <network id> <pin> 	 configure pin for an SSID
  otp <network id> <password> 	 configure one-time-password for an SSID
  passphrase <network id> <passphrase> 	 configure private key passphrase for an SSID
  sim <network id> <pin> 	 report SIM operation result
  bssid <network id> <BSSID> 	 set preferred BSSID for an SSID
  blacklist <BSSID> 	 add a BSSID to the blacklist
  blacklist clear 	 clear the blacklist
  blacklist 	 display the blacklist
  log_level <level> [<timestamp>] 	 update the log level/timestamp
  log_level 	 display the current log level and log options
  list_networks 	 list configured networks
  select_network <network id> 	 select a network (disable others)
  enable_network <network id> 	 enable a network   使能id网络
  disable_network <network id> 	 disable a network
  add_network 	 add a network.  添加一个网络配置项,返回id
  remove_network <network id> 	 remove a network
  set_network <network id> <variable> <value> 	 set network variables (shows
    list of variables when run without arguments)	   设置ap的属性,用set_network 不接参数,可以看到所有可用信息
  get_network <network id> <variable> 	 get network variables
  dup_network <src network id> <dst network id> <variable> 	 duplicate network variables
  list_creds 	 list configured credentials
  add_cred 	 add a credential
  remove_cred <cred id> 	 remove a credential
  set_cred <cred id> <variable> <value> 	 set credential variables
  get_cred <cred id> <variable> 	 get credential variables
  save_config 	 save the current configuration
  disconnect 	 disconnect and wait for reassociate/reconnect command before
    connecting	 
  reconnect 	 like reassociate, but only takes effect if already disconnected
  scan 	 request new BSS scan。 扫描
  scan_results 	 get latest scan results。 现实扫描结果
  abort_scan 	 request ongoing scan to be aborted
  bss <<idx> | <bssid>> 	 get detailed scan result info
  get_capability <eap/pairwise/group/key_mgmt/proto/auth_alg/channels/freq/modes> 	 get capabilities
  reconfigure 	 force wpa_supplicant to re-read its configuration file
  terminate 	 terminate wpa_supplicant
  interface_add <ifname> <confname> <driver> <ctrl_interface> <driver_param>	 
    <bridge_name> <create> <type> 	 adds new interface, all parameters but
    <ifname> are optional. Supported types are station ('sta') and AP ('ap')	 
  interface_remove <ifname> 	 removes the interface
  interface_list 	 list available interfaces
  ap_scan <value> 	 set ap_scan parameter
  scan_interval <value> 	 set scan_interval parameter (in seconds)
  bss_expire_age <value> 	 set BSS expiration age parameter
  bss_expire_count <value> 	 set BSS expiration scan count parameter
  bss_flush <value> 	 set BSS flush age (0 by default)
  stkstart <addr> 	 request STK negotiation with <addr>
  ft_ds <addr> 	 request over-the-DS FT with <addr>
  wps_pbc [BSSID] 	 start Wi-Fi Protected Setup: Push Button Configuration
  wps_pin <BSSID> [PIN] 	 start WPS PIN method (returns PIN, if not hardcoded)
  wps_check_pin <PIN> 	 verify PIN checksum
  wps_cancel Cancels the pending WPS operation	 
  wps_reg <BSSID> <AP PIN> 	 start WPS Registrar to configure an AP
  wps_ap_pin [params..] 	 enable/disable AP PIN
  wps_er_start [IP address] 	 start Wi-Fi Protected Setup External Registrar
  wps_er_stop 	 stop Wi-Fi Protected Setup External Registrar
  wps_er_pin <UUID> <PIN> 	 add an Enrollee PIN to External Registrar
  wps_er_pbc <UUID> 	 accept an Enrollee PBC using External Registrar
  wps_er_learn <UUID> <PIN> 	 learn AP configuration
  wps_er_set_config <UUID> <network id> 	 set AP configuration for enrolling
  wps_er_config <UUID> <PIN> <SSID> <auth> <encr> <key> 	 configure AP
  ibss_rsn <addr> 	 request RSN authentication with <addr> in IBSS
  suspend 	 notification of suspend/hibernate
  resume 	 notification of resume/thaw
  roam <addr> 	 roam to the specified BSS
  sta_autoconnect <0/1> 	 disable/enable automatic reconnection
  tdls_discover <addr> 	 request TDLS discovery with <addr>
  tdls_setup <addr> 	 request TDLS setup with <addr>
  tdls_teardown <addr> 	 tear down TDLS with <addr>
  tdls_link_status <addr> 	 TDLS link status with <addr>

不同网络认证方式设置

1)open(开放式认证方式,分为):
     wpa_cli -iwlan0 set_network 0 ssid '"wlan"'(PS:wlan是无线的ssid号,外面是一对双引号,然后再外面是一对单引号)
     wpa_cli -iwlan0 set_network 0 key_mgmt NONE
2)wep(分为开放式和共享式):
     wpa_cli -iwlan0 set_network 0 ssid '"wlan"'
     wpa_cli -iwlan0 set_network 0 key_mgmt NONE
     wpa_cli -iwlan0 set_network 0 wep_key0 '"wlan_key"'
     如果是共享式,还需要配置:wpa_cli -iwlan0 set_network 0 auth_alg SHARED(默认是开放式,可以不配置)
 3)WPA/WPA2-Personal认证方式:
       wpa_cli -iwlan0 set_network 0 ssid '"wlan"'
     wpa_cli -iwlan0 set_network 0 key_mgmt WPA-PSK
     wpa_cli -iwlan0 set_network 0 proto WPA(WPA2)
     wpa_cli -iwlan0 set_network 0 pairwise TKIP(CCMP)
     wpa_cli -iwlan0 set_network 0 group TKIP(CCMP)
     wpa_cli -iwlan0 set_network 0 psk '"wlan_password"'
   4)WPA/WPA2-Enterprise认证方式:
      wpa_cli -iwlan0 set_network 0 ssid '"wlan"'
      wpa_cli -iwlan0 set_network 0 key_mgmt WPA-EAP
      wpa_cli -iwlan0 set_network 0 pairwise TKIP(CCMP)
      wpa_cli -iwlan0 set_network 0 group TKIP(CCMP)
      wpa_cli -iwlan0 set_network 0 eap PEAP
      wpa_cli -iwlan0 set_network 0 identity '"username"'
      wpa_cli -iwlan0 set_network 0 password '"password"'
      如果是WPA2-Enterprise认证:需要设置proto:wpa_cli -iwlan0 set_network 0 protoWPA2 
 类似资料: