how to patch your ram-download firmware image to allow more channels
Wilfried Klaebe
hostap at orion.toppoint.de
Mon Jun 23 16:25:50 EDT 2003
Hi!
I live in Germany and it annoyed me that I could not use all 13 channels
that are allowed in Germany, but only channels 1 to 11.
I also had already extracted a ram-downloadable firmware image from the
windows drivers (RF010504.HEX), which worked perfectly.
Then I read somewhere that PDR 0104 holds the bitmask of the allowed
channels, and experimented a little, and out came this:
Find in the image file the line with PDR 0104:
$ grep 'S3..FF00000004010000' RF010504.HEX
S311FF00000004010000C0D27E0002000000D8
^^^^^^^^
Note down address, delete line.
This makes the firmware download not put the bitmask of the flashed
firmware to the ram download image.
Find the line with that address:
$ grep 'S3..007ED2[BC]' RF010504.HEX
S315007ED2B800EA000000000000FF1F01006400E8038A
S315007ED2C810271400D007D00710270000320002006E
The former line is the correct one (FF1F at ...C0).
Change to FF2F (channels 1 to 13), subtract 0x10 from checksum at end
of line (8A) =>
S315007ED2B800EA000000000000FF2F01006400E8037A
Save, download, "iwconfig wlan0 channel 13", smile :)
Of course, you could also change that data to FF3F, allowing all 14
channels (which would be against regulations). Don't forget to change
the checksum by 0x20 then...
regards, Wilfried
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20030623/edb266a1/attachment.pgp
More information about the HostAP
mailing list