[HostAP] Re: mac address blocking question

Jouni Malinen jkmaline at cc.hut.fi
Sat Oct 12 06:44:24 EDT 2002


On Mon, Sep 30, 2002 at 09:18:01AM -0300, Luiz Felipe Ceglia wrote:

> I have the need to allow some devices only connected to the box's eth0 pass.

eth0?? That's the wired ethernet device, not wireless(?)

> I issued the following commands:
> 
> iwpriv wlan0 maccmd 1
> iwpriv wlan0 maccmd 4
> iwpriv wlan0 addmac 01:02:03:04:05:06

These seems to be correct, if you intend to kick out all associated
(wireless) stations and in the future allow only station with hwaddr
01:02:03:04:05:06 to authenticate in the future. If you had any
associated stations before issuing these commands, they should be
deauthenticated and no frames should be accepted from them.

> I can still ping the host I have connected to eth0

Ping from which host? If you are pinging from a station associated to
the wireless device (wlan0), it should not be able to ping any hosts in
eth0 after this (assuming you do not have another AP that would allow
this, etc.).

-- 
Jouni Malinen                                            PGP id EFC895FA




More information about the HostAP mailing list