denying local traffic
doug at aircomwireless.net
Tue Feb 11 20:39:57 EST 2003
i'm trying to lock down an access point (hostap) and give people only the
ability to get through it to the web but not to each other.
this is a coffee shop type setup where users don't know each other and
frequently leave open shares on their windows clients. they don't know it,
but it is very insecure.
basically i want to deny any local traffic amongst clients.
netfilter list informed me that hostap was like a "hub" and the firewall
cannot prevent this activity. not positive on that but i thought i would
try here to ask.
is there a way to not allow this using hostap? any settings at compile
time to only allow traffic from client to AP? but not client to client
if i can do this is iptables, i would rather do that, so let me know if
anybody has done that.
More information about the HostAP