From: eLinux.org

Bluetooth Network

This page has information about setting up a Bluetooth Personal Area
Network (PAN) with BlueZ. Having a Bluetooth network is helpful for
providing network access to low power embedded devices.

Contents

Background

Information on piconets can be found on
Wikipedia
Basic information on BlueZ PAN support can be found here:
[1]

Limitations

A PAN network is limited to 7 clients and provides substantially less
bandwidth (~700Kbit/s) than other WiFi networks.

Requirements

To setup a home piconet, you’ll need:

  • A Bluetooth device, such as a USB dongle, preferably Class 1 for
    range purposes.
  • A kernel that supports the Bluez stack including BNEP.
  • bluez-utils (testing with 3.36).
  • Kernel ethernet bridging support.
  • bridge-utils (tested
    with 1.4).

These instructions are based on a Debian/Sid system, but the setup
should be similar for other distributions.

BlueZ Configuration

Setup /etc/bluetooth/hcid.conf

hcid.conf(5)
Your piconet server should advertise itself appropriately. Modify the
class parameter within the device section so that the host presents
itself as a network access point device offering network service:

  1. # Local device class
  2. class 0x020300;

Change your piconet server to prefer master role on incoming
connections:

  1. lm master;

Make your piconet server permanently discoverable:

  1. discovto 0;

Daemon Configuration

pand(1)
Setup the command line options for the pand daemon. Within Debian, this
is done through the file /etc/default/bluetooth. The command lines for
the pand daemon should be:

  1. --listen --role NAP -u /etc/bluetooth/pan/dev-up -o /etc/bluetooth/pan/dev-down

End Result (When host is connected)

ifconfig bnep0

  1. bnep0     Link encap:Ethernet  HWaddr 00:11:f6:05:79:95
  2.           inet6 addr: fe80::211:f6ff:fe05:7995/64 Scope:Link
  3.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  4.           RX packets:23661 errors:0 dropped:0 overruns:0 frame:0
  5.           TX packets:29381 errors:0 dropped:0 overruns:0 carrier:0
  6.           collisions:0 txqueuelen:1000
  7.           RX bytes:2976646 (2.8 MiB)  TX bytes:27249215 (25.9 MiB)

hcitool con

  1. Connections:
  2.     > ACL 00:1B:DC:0F:A8:AE handle 8 state 1 lm MASTER

Bridge Configuration

The kernel only provides an Ethernet device when at least one PAN client
has connected. This means that there will be no associated device when
no devices are connected. This can be very inconvenient when providing
services such as DHCP. By utilizing Ethernet Bridging, a permanent pan0
device can be created.

Setup /etc/network/interfaces

interfaces(5)

bridge-utils-interfaces(5)
On Debian systems, network interfaces are configured through this file.
An example configuration would be:

  1. auto pan0
  2. iface pan0 inet static
  3.         address 10.1.0.1
  4.         netmask 255.255.255.0
  5.         broadcast 10.1.0.255
  6.         bridge_ports none
  7.         bridge_fd 0
  8.         bridge_stp off

Alternatively, the pan0 interface can be configured manually:

  1. brctl addbr pan0
  2. brctl setfd pan0 0
  3. brctl stp pan0 off
  4. ifconfig pan0 10.1.0.1 netmask 255.255.255.0

Setup /etc/bluetooth/pan/dev-{up|down}

The dev up/down files add and remove the bnep0 device from the pan0
bridge interface as the first device enters the network, and as the last
device leaves the network.

/etc/bluetooth/pan/dev-up

  1. #!/bin/sh
  2. ifconfig $1 up
  3. brctl addif pan0 $1

/etc/bluetooth/pan/dev-down

  1. #!/bin/sh
  2. brctl delif pan0 $1
  3. ifconfig $1 down

End Result (When host is connected)

brctl show

  1. bridge name bridge id       STP enabled interfaces
  2. pan0        8000.0011f6057995   no      bnep0

ifconfig pan0

  1. pan0      Link encap:Ethernet  HWaddr 00:11:f6:05:79:95
  2.           inet addr:10.1.0.1  Bcast:10.1.0.255  Mask:255.255.255.0
  3.           inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
  4.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  5.           RX packets:30706 errors:0 dropped:0 overruns:0 frame:0
  6.           TX packets:40037 errors:0 dropped:0 overruns:0 carrier:0
  7.           collisions:0 txqueuelen:0
  8.           RX bytes:3681538 (3.5 MiB)  TX bytes:34573855 (32.9 MiB)

Setup DHCP

Unless avahi zeroconf will be used to assign address, a DHCP server will
be required.

Setup /etc/dhcpd.conf

Basic configuration:

  1. option domain-name-servers <dns1>,<dns2>,<dns3>;
  3. default-lease-time 864000;
  4. max-lease-time 864000;
  6. subnet 10.1.0.0 netmask 255.255.255.0 {
  7.   option domain-name "blue";
  8.   range 10.1.0.100 10.1.0.200;
  9.   option routers 10.1.0.1;
  10. }

Daemon Configuration

Setup the command line options for the dhcpd daemon. Within Debian, this
is done through the file /etc/default/dhcp. Tho command lines for the
dhcpd daemon should be:

  1. pan0

Setup Network

If your piconet server is not the machine you intend to access your
piconet devices from and/or your piconet devices need to access hosts
other than your piconet server, routing and/or NAT will need to be
configured

Shorewall

Adding your piconet to an existing Shorewall
configuration is by far the easiest method.

params

  1. BLUE_IF=pan0

interfaces

  1. #ZONE   INTERFACE       BROADCAST       OPTIONS
  2. blue    $BLUE_IF    detect      tcpflags,dhcp,detectnets,nosmurfs

zones

  1. #ZONE   TYPE        OPTIONS     IN          OUT
  2. #                   OPTIONS         OPTIONS
  3. blue    ipv4

policy

Allow piconet to access Internet:

  1. #SOURCE         DEST            POLICY          LOG             LIMIT:BURST
  2. #                                               LEVEL
  3. blue            net             ACCEPT

A rule like the following would allow the local network to access the
piconet:

  1. #SOURCE         DEST            POLICY          LOG             LIMIT:BURST
  2. #
  3. loc             all             ACCEPT

The last line of the policy file should of course contain an all/all
DROP rule.

masq

Allow local network to access piconet masquerading as piconet server:

  1. #INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S) IPSEC
  2. $BLUE_IF        $LOC_IF

Masquerade piconet network access to Internet

  1. #INTERFACE              SUBNET          ADDRESS         PROTO   PORT(S) IPSEC
  2. $NET_IF         $BLUE_IF

rules

Not allowing your open piconet to do things like Spam and/or access your
Cable modem is probably a good thing.

  1. #ACTION         SOURCE  DEST            PROTO   DEST    SOURCE          ORIGINAL        RATE            USER/
  2. #                                               PORT    PORT(S)         DEST            LIMIT           GROUP
  3. SMTP/REJECT     blue    net
  4. DROP   blue    net:10.0.0.0/8,192.168.0.0/16,172.16.0.0/12

Netfilter

A very basic Netfilter
setup,
assuming that eth1 connects to the Internet, and eth0 connects to the
local network.

  1. # Enable masquerading access to the Internet (rule may already exists)
  2. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
  3. # Enable masquerading access to the piconet from the local net
  4. iptables -t nat -A POSTROUTING -i eth0 -o pan0 -j MASQUERADE
  5. # Enable routing (may already exist)
  6. echo 1 > /proc/sys/net/ipv4/ip_forward

Network Manager 0.7

Network Manager provides
connection sharing functionality. From the “Edit Connections” dialog,
select “Add”. Name the connection bnep0 and enter the Bluetooth device’s
MAC address into the Wired tab. Select “Shared to other computers” on
the “IPv4 Settings” tab.

Client Device

Embedded devices should execute the command:

  1. pand --connect <bdaddr of piconet server> --persist -u ifup -o ifdown

Upon boot, alternatively, the following command can be used:

  1. pand --search --persist -u ifup -o ifdown

/etc/network/interfaces file

This step applies to Debian and Debian like (Angstrom/OE) distributions.
Modification will be required for other distributions:

  1. # Bluetooth networking
  2. allow-hotplug bnep0
  3. iface bnep0 inet dhcp

End result

ifconfig bnep0

  1. bnep0     Link encap:Ethernet  HWaddr 00:1B:DC:0F:A8:AE
  2.           inet addr:10.1.0.100  Bcast:10.1.0.255  Mask:255.255.255.0
  3.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  4.           RX packets:29272 errors:0 dropped:0 overruns:0 frame:0
  5.           TX packets:23598 errors:0 dropped:0 overruns:0 carrier:0
  6.           collisions:0 txqueuelen:1000
  7.           RX bytes:27242050 (25.9 MiB)  TX bytes:2964918 (2.8 MiB)

route -n

  1. Kernel IP routing table
  2. Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  3. 10.1.0.0        0.0.0.0         255.255.255.0   U     0      0        0 bnep0
  4. 0.0.0.0         10.1.0.1        0.0.0.0         UG    0      0        0 bnep0

hcitool con

  1. Connections:
  2.     < ACL 00:11:F6:05:79:95 handle 42 state 1 lm SLAVE

Category: