SYNC commit.

code/enable-forwarding.sh

@@ -0,0 +1,6 @@
+#!
+# Run as root
+#
+
+sysctl -w net.ipv4.conf.all.forwarding=1
+sysctl -w net.ipv6.conf.all.forwading=1

notes/todos/todo.md

@@ -1,4 +1,4 @@
-- [ ] [[TODO1]] Need microsd card for Mi 360 home camera
+- [ ] !Need microsd card for Mi 360 home camera
 - [ ] Cannot get Ledvance LED strip into discovery mode s.t. connection could be established
 - [ ] Have not managed to setup AP/Hotspot: Amazon echodot needs iOS app but iPhone will not connect to AP on fedora Laptop
 - [x] ~~Ask Valentyna/Nima for other approach to capture traffic~~ Preliminary Fix: USB Plugable Wifi Adapters.

notes/wiki/EnvironmentSetup.md

@@ -18,6 +18,7 @@ So what must a toolkit which sets up the experiment environment be able to do:
 1. __AP Service__ Through config or detection setup a properly configure AP, possibly on a external adapter
 2. __IP networking dependencies__ Since the experiment machine is replacing some functionality usually offered by the router to connecting host, some router functionality must be offerd. In particular [[dhcp]] (IoT device needs an IP) and [[dns]] (IoT device needs some way to get IPs of hosts it wants to connect to). 
 3. __Internet Gateway__ Enable any IoT device to connect to the Internet. That is, test machine must at least be a [[gateway]] and the IoT device should ideally be able to understand that without any configuration.
+4. Any firewall must allow for [[dhcp]] and [[dns]] services to be accepted by experiment host.
 # AP Configuration
 ## Using NetworkManager
 See [here](https://variwiki.com/index.php?title=Wifi_NetworkManager#Configuring_WiFi_Access_Point_with_NetworkManager). Can use the command line tool [[nmcli]].

notes/wiki/aircrack-ng.md

@@ -0,0 +1 @@
+#tldr : #TODO 

notes/wiki/dnsmasq.md

@@ -0,0 +1,33 @@
+#tldr : #TODO 
+**Resources**:
+- https://variwiki.com/index.php?title=Wifi_NetworkManager#Configuring_WiFi_Access_Point
+- https://wiki.archlinux.org/title/Dnsmasq
+- https://thekelleys.org.uk/dnsmasq/doc.html
+- https://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
+- https://thekelleys.org.uk/dnsmasq/docs/FAQ
+
+
+## Configuring WiFi Access Point with NetworkManager
+
+NetworkManager can also be used to turn WiFi interface into Access Point.  
+The benefit of using NetworkManager in this scenario is the complete automation of WiFi, DHCP server and NAT configuration.
+
+### Disabling standalone dnsmasq service
+
+Dnsmasq is a lightweight DNS forwarder and DHCP server.  
+By default dnsmasq runs as a standalone service and will conflict with dnsmasq instance launched by NetworkManager.  
+To prevent the conflict, disable dnsmasq service by running the following commands:
+
+```
+systemctl disable dnsmasq
+```
+```
+systemctl stop dnsmasq
+```
+
+For NetworkManager to run dnsmasq as a local caching DNS server, edit/create /etc/NetworkManager/NetworkManager.conf and add the following
+```system
+[main]
+dns=dnsmasq
+```
+#note: Maybe must disable #NetworkManager #dnsmasq and enable system service dnsmasq.

notes/wiki/hostapd.md

@@ -1,3 +1,5 @@
+#tldr : #TODO 
+
 ```bash
 # For nl80211, this parameter can be used to request the AP interface to be
 # added to the bridge automatically (brctl may refuse to do this before hostapd

notes/wiki/ip-forwarding.md

@@ -0,0 +1,32 @@
+Resources:
+[archwiki-internet-sharing](https://wiki.archlinux.org/title/Internet_sharing#Configuration)
+[archwiki-sysctl](https://wiki.archlinux.org/title/Sysctl#Configuration)
+[kernel-sysctl](https://www.kernel.org/doc/html/latest//networking/ip-sysctl.html)
+
+Remark: Many resources mention that all #firewall config should be executed in one go from a script.
+They also mention to make sure to flush all previous rules/tables/chains before beginning the setup.
+Order of rules matter.
+
+*Check current settings*
+```bash
+sudo sysctl -a | grep forward
+```
+
+# Config 
+```
+net.ipv4.conf.all.bc_forwarding = 0 # broadcast?
+net.ipv4.conf.all.forwarding = 1 # Enable IP forwarding on this interface.
+```
+Latter above controls whether packets received _on_ this (in this case on _all_) interface can be forwarded.
+
+```
+net.ipv4.conf.all.mc_forwarding = 0 # Multicast routing
+```
+## Locations
+### Preloaded
+
+# Tags
+#firewall #nat
+#sysctl
+#ip-forwarding
+#masquerading

notes/wiki/iw.md

@@ -1,4 +1,4 @@
-**TLDR**: show / manipulate wirless devices and their configs.
+#tldr: show / manipulate wirless devices and their configs.
 
 # Commands used:
 - `iw list` shows extensive info about all wirless devices. 

notes/wiki/monitoring.md

@@ -1,4 +1,4 @@
-***TLDR:*** How to monitor/sniff wifi network traffic of IoT Devices. Two strategies:
+#tldr How to monitor/sniff wifi network traffic of IoT Devices. Two strategies:
 Use a wifi adapter to setup an #AP and have the devices connect to via that or use wifi card in monitor mode.
 
 # Funnel traffic via AP

notes/wiki/nmcli.md

@@ -1,5 +1,7 @@
-**TLDR:** Command line utility of [NetworkManager](https://networkmanager.dev)
-
+#tldr :  Command line utility of [NetworkManager](https://networkmanager.dev)
+Resources:
+- https://wiki.archlinux.org/title/Software_access_point#NetworkManager_is_interfering
+- https://wiki.archlinux.org/title/NetworkManager#Ignore_specific_devices
 Benefit: Automates setting up WiFi, DHCP server and NAT config, according to [here](https://variwiki.com/index.php?title=Wifi_NetworkManager#Configuring_WiFi_Access_Point_with_NetworkManager).
 
 
@@ -40,9 +42,12 @@ After modifying run
 sudo nmcli general reload
 ```
 
-Resources: https://wiki.archlinux.org/title/Software_access_point#NetworkManager_is_interfering and https://wiki.archlinux.org/title/NetworkManager#Ignore_specific_devices
-
-
+Must avoid having conflicting [[dnsmasq]] instances between #systemd managed and #NetworkManager built in. 
+
+
+# Troubleshooting
+## Wifi adapter not found anymor
+See [[Tools]].