Ap_isolate behavior.

[Sergey Ryazanov]

On Fri, Sep 10, 2021 at 2:58 AM Mark K Vallevand <mvallevand at q.com> wrote:
> I've been looking at the kernel sources, and it should behave correctly when ap_isolate=1.
> I suspect that it might be some networking thing that I don't understand or have mis-configured.
> What I have is an ethernet bridge with wi-fi and ethernet slaves.  The bridge is used for some packet inspection and to get traffic into our solution.
> When I have 2 stations connected to wi-fi and ap_isolate=0, the stations can talk to each other, and I can see their traffic using tcpdump on the wi-fi interface.  I do not see their traffic on the bridge.  So, aha I say.  Set ap_isolate=1.
> When I have 2 stations connected to wi-fi and ap_isolate=1, the stations cannot talk to each other, and I cannot see their traffic using tcpdump on the wi-fi interface.  I do not see their traffic on the bridge (of course).
> What I want is 2 stations connected to wi-fi to forward frames to the bridge and then back out the wi-fi.  If that makes sense.

Your setup description sounds quite correct. I do not see any obvious errors.

If you need someone to review your configuration, just post both of
them (with and without client isolation). Do not forget to post
network configuration and hostapd version as well. Or check
configurations line by line on your own.

-- 
Sergey