is wpa_supplicant possible on bridged interface?

Bryan Kadzban bryan at kadzban.is-a-geek.net
Sun Feb 5 22:02:21 EST 2006


Jouni Malinen wrote:
> Please keep in mind that IEEE 802.11 only allows stations that
> associate with an AP to send frames with its own address as the
> source address. Layer 2 bridge is thus not going to work very well.
> One would need to have some kind of address translation for MAC
> addresses to make this work. Is this what you are looking into doing?

I can't speak for the OP, but I do know how Linksys does this in their
workgroup bridge + 5-port switch product (the WET54GS5).  This device
runs Linux, and has the sources for the official Linksys firmware
available.  They run an extra "macnat" iptables patch, which appears to
make the device function in a similar manner to a router (i.e. all
frames headed out its wireless interface get NATed at the MAC layer).
But it's not exactly a router, because broadcast frames are still forwarded.

(However, I should note that this product seems to have issues; it seems
to reset its wireless interface from time to time, and there may be
other issues I'm forgetting about.  I don't know whether the issues are
caused by the macnat stuff or not; they may be caused by a dodgy power
supply in the two units that we bought.  But we don't use them anymore
at work, either; we just use a "real" router instead.  We put a wireless
NIC in the PC, and just have it route between that interface and
anything plugged into its wired NIC.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060205/37777363/attachment.pgp 


More information about the HostAP mailing list