Kernel panic - avoiding useless traffic [hostapd+madwifi with EAP-TLS]

[Dennis Borgmann]

Hello Jouni,
hello hostapd-list-readers!

I am currently running into an odd problem using hostapd and madwifi in 
combination. I have a wireless network running EAP-TLS encryption. 
hostapd provides the accesspoint, freeradius is working as radius server 
in the background. I have certificates configured. The load put onto the 
wireless card is at 1,4Mbit/sec, so it is quite low, but there are 
roundabout 400 packets/sec, which is quite high. I have around 1 packet 
each 2ms and this cannot be diminished. This setup is running very well 
except of one point.

If I try to associate with a Windows XP using an Intel wireless device 
machine, that does not have any certificate in order to connect to the 
AP, the madwifi driver starts pumping "stuck beacon" messages and soon 
afterwards hangs with a kernel panic. I am able to get around this 
problem by setting an accesslist on the very computer, that runs the AP. 
If this is done, it seems like on ISO layer 2 the packet is already 
rejected and therefore the "stuck beacon" cannot happen.

Presuming, madwifi is configured to kick unwanted MACs(iwpriv ath0 
maccmd 2): Is it possible to give a command to madwifi (iwpriv ath0 
addmac <BADMAC>) as soon as hostapd recognizes, there is a wrong 
certificate or no certifcate at all? If this could be done, my problem 
would be solved and by the way I would be able to avoid a lot of useless 
traffic.

Very kind regards for any kind of help.

Dennis