The new kernel worked, at least for a little while. I had to radically rework the network configuration in order to get it functioning with minimal firewall changes. So initially I had 1 Gb on board Ethernet wired to the internal network, 100 Mb USB Ethernet on the ADSL line with the wifi provided by a bridge on the switch. Now, the 1 GB provides the PPPoE interface and WiFi supplies the network. I use the USB Ethernet adapter on it's own subnet, connected directly to my laptop, as a management port.
The best way to avoid changing the firewall, other than a simple bit of 'sedding', was to create a bridge interface between what is now regarded as the physical interface and the wireless interface. The physical interface doesn't actually exist any more, but it's there just in case; call it future proofing against my own change of mind. So let's look at the network/interfaces configuration...
iface eth4 inet manual
iface wlan0 inet manual
iface br0 inet static
bridge_ports eth4 wlan0
The rest is pretty straight forward. This creates the bridge interface. Actually, nothing happens on boot, because there is no eth4 device and no wlan0 device, therefore no bridge device is created. But once udevd detects the ath9k driver, a udev rule takes care of starting the hostapd daemon, and thus creates the bridge. The script also sets up extra iptables rules to allow traffic on br0, since everything is implicitly dropped. Having hostapd start on system boot is no good, even though it's the recommended route. With USB devices, they have to wait until the USB hub driver has loaded before plugged devices can be found. By this point, the hostapd will have failed because the devices weren't present. Instead, I completely rewrote my own version of the hostapd ifupdown.sh script, to ensure that the right thing is done when a device comes online and goes of line. I have tested this, by repeatedly unplugging the USB adapter and plugging it back in. Each time, udev unloads and loads the ath9k module, runs my script, thus installs firewall rules and runs hostapd.
Dilema! (another one)
The 3.2 kernel I am using seems to have a bug in the Atheros driver. After a period of the driver being loaded and the adapter being connected, sending and receiving traffic, the kernel crashes. There are a few problems with this. One is that the kernel crashes!! Two is that the kernel panic doesn't make it to syslog, so I have no idea what happens. Three, I need to create serial connector for the hidden serial port on the NAS drive. Hassle!
So next steps... I have purchased a Nokia CA 42 lead from Amazon. This has an inbuilt TTL, and considering it's only £4, it is far cheaper than the £30 for a proper USB TTL lead. When it arrives, I will set to work on getting the serial console up and running so I can debug the driver crash.
In the meantime, I am going to build the 3.4 kernel using my scripts and investigate what changes have been made to the ath9k modules between 3.2, 3.4 and 3.6 kernels. It's quite possible that I can backport a change that provides a solution, to my 3.2 kernel.
Stay tuned for more progress...