PATCH: wired eapol receive/send
Simon Barber
simon
Wed Sep 8 09:24:38 PDT 2004
Ebtables is a good way to do this - it already has everything you need
in the kernel. Set it up to pass frames to userspace by default, and as
you see new MAC addresses add a new rule to not pass that frame up.
Simon
-----Original Message-----
From: hostap-bounces+simon=instant802.com at shmoo.com
[mailto:hostap-bounces+simon=instant802.com at shmoo.com] On Behalf Of
Gunter Burchardt
Sent: Tuesday, September 07, 2004 11:46 PM
To: Jouni Malinen
Cc: hostap at shmoo.com
Subject: Re: PATCH: wired eapol receive/send
> Is there any particular reason for parsing DHCP packets? One option
> would be to open packet socket on the same interface with Linux Socket
> filter to capture the packets and then take the layer 2 address from
> them. Then again, this may not end up being much simpler. Eventually,
> I would assume this could be replaced with something like iptables
> firewall queueing packets from unknown MAC addresses for user space
> processing and all devices would be noticed whenever they send the
> first packet, no matter whether it is DHCP or something else, i.e.,
> static IP and non-IPv4 hosts would also be processed.
New plan! I will write a kernel module to filter pacets from assoziated
stations. Since 2.4 it is possible to register netfilter hooks. With
help of this, a callback function can decide which packet will be droped
or passed. This module will have a misc device. Over ipctrls you can
configure it (like you did it in hostap driver). I will borrow some code
of hostap driver ;)
regards
gunter
_______________________________________________
HostAP mailing list
HostAP at shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list