wpa_supplicant and bridges

Jon DeVree nuxi at vault24.org
Sat Jun 5 17:20:28 EDT 2010


I was trying to set up wpa_supplicant with a wireless card that was part
of a bridge. wpa_supplicant seems unable to authenticate while the
interface is bridged, but once the handshake is done adding it to the
bridge works fine. I went into the code and started playing around with
it. I found the part in src/l2_packet/l2_packet_linux.c where it
sets up the raw socket to recieve EAPOL frames, it looks like this:

socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_EAPOL));

When the interface is not part of a bridge this works fine. If the
interface is part of the bridge this doesn't ever get packets. Since
tcpdump shows EAPOL frames regardless, I changed the socket() call to
request all packets (ETH_P_ALL) and then added code after the recvfrom()
call to filter out packets that aren't ETH_P_EAPOL. This seems to work
fine.

So it seems there is a possible kernel bug here. EAPOL frames cannot be
specifically requested from a raw socket when the interface is part of a
bridge, but they will show up if all frames are requested. Other frame
types, like ETH_P_IP seem to work fine. Has anyone else noticed this or
is it limited to my driver (IWL3945?)

I can post a full patch to wpa_supplicant that works around the kernel
bug if anyone wants it.
-- 
Jon
X(7): A program for managing terminal windows. See also screen(1).


More information about the HostAP mailing list