denying local traffic
Doug Yeager
doug
Wed Feb 12 03:48:57 PST 2003
I LOVE THIS DRIVER!
this is very valuable code.
i'll post to the netfilter list. many wanted this capability!
sorry if this sounds personal....i'm just excited! :)))
At 08:07 PM 02/11/2003 -0800, you wrote:
>On Tue, Feb 11, 2003 at 08:39:57PM -0500, Doug Yeager wrote:
>
> > basically i want to deny any local traffic amongst clients.
> >
> > netfilter list informed me that hostap was like a "hub" and the firewall
> > cannot prevent this activity. not positive on that but i thought i would
> > try here to ask.
>
>Yes, that is correct. With default configuration, Host AP driver will
>bridge frames between associated stations below layer 3 and netfilter
>code cannot filter those frames.
>
> > is there a way to not allow this using hostap? any settings at compile
> > time to only allow traffic from client to AP? but not client to client
> > through ap?
>
>Yes, you can disable this internal driver bridge code by setting
>ap_bridge_packets to 0: 'prism2_param wlan0 ap_bridge_packets 0'.
>This does not require any compile time configuration.
>
>--
>Jouni Malinen PGP id EFC895FA
>_______________________________________________
>HostAP mailing list
>HostAP at shmoo.com
>http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list