Special Wireless ISP wish
pedro.estrela at inesc.pt
Wed Oct 23 10:29:13 EDT 2002
the way things are constructed in IP routing makes that stations will always
try to contact each other directly if they are on the same IP subnet,
starting by an ARP request.
you could make proxy ARP for all possible MAC addressess, but that would
simply be a race condition scenario, because the target station would also
reply with his own MAC address.
if you have the colaboration of the stations, the simpler way is to define
for the stations a IP routing configuration with a closed netmask
(255.255.255.255), and the default GW being the AP. This way all traffic
will get forward to the AP. The later has a normal configuration, which
sends the packet to the destination as normal. Note that this can be made
trivially with DHCP configuration.
if you don't have the colaboration of the stations, and you wish to enforce
a policy of not allowing direct inter-station communication, please note
that "prism2_param wlan0 ap_bridge_packets 0" will simply NOT solve your
problem, because it will only stop bridging inside the driver the packets
captured by the AP and destinated to the same wireless cell; it does not
prevent that stations comunicate directly, if they are in range, because
it's IP netmask (255.255.255.0 ou whatever) tells them to proceed that way,
and there is nothing in the 802.11 standard that enforces what you want (as
fair as i know).
> Is it possible to modify the driver to deny access
> between the stations?
> The stations should only be able to communicate with
> the "AP".
> Any Ideas?
> Alexander Bögl
> comteam IT solutions
> HostAP mailing list
> HostAP at shmoo.com
More information about the HostAP