# I know what I'm doing - unlock the good stuff.
CONFIG_EXPERT=y
# Yes, I acknowledge it's on me to NOT break the law.
CONFIG_CFG80211_CERTIFICATION_ONUS=y
bool "cfg80211 certification onus"
depends on EXPERT
default n
help
You should disable this option unless you are both capable
and willing to ensure your system will remain regulatory
compliant with the features available under this option.
Some options may still be under heavy development and
for whatever reason regulatory compliance has not or
cannot yet be verified. Regulatory verification may at
times only be possible until you have the final system
in place.
This option should only be enabled by system integrators
or distributions that have done work necessary to ensure
regulatory certification on the system with the enabled
features. Alternatively you can enable this option if
you are a wireless researcher and are working in a controlled
and approved environment by your local regulatory agency.
# Allow unsigned regulatory law databases
CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=n
bool "require regdb signature" if CFG80211_CERTIFICATION_ONUS
default y
select SYSTEM_DATA_VERIFICATION
help
Require that in addition to the "regulatory.db" file a
"regulatory.db.p7s" can be loaded with a valid PKCS#7
signature for the regulatory.db file made by one of the
keys in the certs/ directory.
# Allow the ability to transmit where laws say you can't
CONFIG_CFG80211_REG_RELAX_NO_IR=y
bool "cfg80211 support for NO_IR relaxation"
depends on CFG80211_CERTIFICATION_ONUS
help
This option enables support for relaxation of the NO_IR flag for
situations that certain regulatory bodies have provided clarifications
on how relaxation can occur. This feature has an inherent dependency on
userspace features which must have been properly tested and as such is
not enabled by default.
A relaxation feature example is allowing the operation of a P2P group
owner (GO) on channels marked with NO_IR if there is an additional BSS
interface which associated to an AP which userspace assumes or confirms
to be an authorized master, i.e., with radar detection support and DFS
capabilities. However, note that in order to not create daisy chain
scenarios, this relaxation is not allowed in cases where the BSS client
is associated to P2P GO and in addition the P2P GO instantiated on
a channel due to this relaxation should not allow connection from
non P2P clients.
The regulatory core will apply these relaxations only for drivers that
support this feature by declaring the appropriate channel flags and
capabilities in their registration flow.
# Allow the user to override the firmware regulatory settings in Atheros chipsets
CONFIG_ATH_REG_DYNAMIC_USER_REG_HINTS=y
bool "Atheros dynamic user regulatory hints"
depends on CFG80211_CERTIFICATION_ONUS
default n
help
Say N. This should only be enabled in countries where
this feature is explicitly allowed and only on cards that
specifically have been tested for this.
# Signify to the atheros driver that we're doing "certification testing"
CONFIG_ATH_REG_DYNAMIC_USER_CERT_TESTING=y
bool "Atheros dynamic user regulatory testing"
depends on ATH_REG_DYNAMIC_USER_REG_HINTS && CFG80211_CERTIFICATION_ONUS
default n
help
Say N. This should only be enabled on systems
undergoing certification testing.
# Signify to the driver that we're in an approved transmit area.
CONFIG_ATH10K_DFS_CERTIFIED=y
bool "Atheros DFS support for certified platforms"
depends on ATH10K && CFG80211_CERTIFICATION_ONUS
default n
help
This option enables DFS support for initiating radiation on
ath10k.
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
# Some usable default settings...
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
# WPA version 3
wpa=3
# WPA pre-shared key
wpa_key_mgmt=WPA-PSK
# Use TKIP
wpa_pairwise=TKIP
# and CCMP
rsn_pairwise=CCMP
# DO NOT FORGET TO SET A WPA PASSPHRASE!!
wpa_passphrase=<passphrase>
ssid=<ssid>
# Most modern wireless drivers in the kernel need driver=nl80211
driver=nl80211
# Customize these for your local configuration...
interface=wlp5s0
bridge=bridge0
# 5 GHz Band:
hw_mode=a
# channel 0 means 'scan for open channel'
channel=0
country_code=US
# Indoor only
#country3=0x49
# Outdoor only
#country3=0x4f
# All everything
country3=0x20
#local_pwr_constraint=30
# enable WMM (required for full N/AC functionality
wmm_enabled=1
# advertize country code
ieee80211d=1
# DFS and radar detection
ieee80211h=1
# enable N [ht]
ieee80211n=1
# enable AC [vht]
ieee80211ac=1
# enable AX [he]
#ieee80211ax=1
# allow short preamble
preamble=1
#vht_oper_centr_freq_seg0_idx=42
#vht_oper_centr_freq_seg1_idx=159
# 5 scan cycles to find an open channel
acs_num_scans=5
# Choose the channels you want to scan.
#chanlist=1-11 32-68 100-177
chanlist=1-11 50-68 100-177
# use 'iw list' to see what your card supports
# HT is Wireless "N" parameters - customize to your card.
ht_capab=[LDPC][HT40+][TX-STBC][RX-STBC1][MAX-AMSDU-7935][DSSS_CCK-40]
# VHT is Wireless "AC" parameters - customize to your card.
vht_capab=[MAX-MPDU-11454][RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-ANTENNA-PATTERN][TX-ANTENNA-PATTERN]
# set channel width - 0 = 20/40, 1 = 80, 2 = 160, 3 = 80+80
vht_oper_chwidth=1
# HE is Wireless "AX" parameters - customize to your card.
# he_capab=[]