wired authentication (kernel module)

Arnaud Kleinveld kleinveld at pacific.net.sg
Thu Sep 23 00:17:35 EDT 2004


I have tested that in combination with Hostap and it works. I don't think my 
solution is exectly the one Gunter is searching for but I got iptables routing 
unauthenticated clients to a login page. So iptables can do the trick as you 
describe. With wired or wireless client, that doesn't matter.

Arnaud

Jouni Malinen wrote:
> On Thu, Sep 23, 2004 at 06:04:39AM +0200, Gunter Burchardt wrote:
> 
> 
>>ebtables cant do it! if you look through you ebtables kernel code you
>>will see that all forwarding/prerouting/postroutung hooks only works
>>with briges. Input and output hook is only for local processes. If
>>you're using an routed environment without briges ebtables didn't see
>>any forwarded packets.
> 
> 
> Wouldn't matching iptables rules with src MAC address matching in
> FORWARD chain do the trick for the IP routing case?
> 



More information about the HostAP mailing list