ebtables interaction hostapd
Mon Nov 17 04:01:52 PST 2008
I have setup an 802.1x with EAP-TLS environment with hostap and a
freeradius-server. XP clients can successfully authenticate themselves.
- one OpenSuse11 setup as a bridge with hostap, brctl and ebtables
- one OpenSuse11 setup as freeradius
- one XP client machine
But the problem is how to connect the hostapd with ebtables. If a client
successfully authenticates (= Access-accept message), allow traffic from
this client to pass the bridge.
It would be feasible to parse the logs of the hostapd and adapt the
ebtable rules. F.i. if a mac-address gets an access accept message then
perform ebtables -t broute -A mac -j ACCEPT.
Instead of using ebtables, one can also use the the pae kernel module on
sourceforge. But in don't know how hostapd would interact with that
Is there another way to do the interaction between ebtables and hostap?
What is the purpose of hostap if it can authenticate clients but doesn't
act on client authentication. Hostap doesn't implement the port access
entity module of 802.1x.
All ideas are welcome!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Hostap