[PATCH RESEND] wpa_supplicant: don't reply to EAPOL if pkt_type is PACKET_OTHERHOST
Jouni Malinen
j at w1.fi
Mon Apr 2 03:33:14 PDT 2018
On Wed, Mar 28, 2018 at 04:34:56PM +0200, Davide Caratti wrote:
> When wpa_supplicant is running on a Linux interface that is configured in
> promiscuous mode, and it is not a member of a bridge, incoming EAPOL
> packets are processed regardless of the Destination Address in the frame.
> As a consequence, there are situations where wpa_supplicant replies to
> EAPOL packets that are not destined for it.
>
> This behavior seems undesired (see IEEE Std 802.1X-2010, 11.4.a), and can
> be avoided by attaching a BPF filter that lets the kernel discard packets
> having pkt_type equal to PACKET_OTHERHOST.
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list