Can hostapd be used in this way?

Jouni Malinen j at w1.fi
Mon Jun 2 08:16:23 EDT 2014


On Mon, Jun 02, 2014 at 09:14:58AM +0800, Kf Lee wrote:
> Thus anyone near my home would be able to get on to Internet, and only
> internet access offered  to public, while I can still securely use my
> home network. Can I set up so that any access via Public-SSID can only
> access port 80 and straight redirect to Internet gateway which is
> 192.168.1.1 without me worry someone may wonder around in my network?

Yes, that can be done, but captive portals and data traffic filtering
are out-of-scope for hostapd.

> Or alternatively, can hostapd be setup so that it has two SSID, one
> with 192.1168.1.x for private use and one with 192.168.2.x for publc?

If the WLAN hardware and driver you are using supports multiple virtual
BSSes, yes, this can be configured (e.g., see bss=<ifname> at the end of
hostapd/hostapd.conf). The actual IP networks and routing/filtering are
out-of-scope for hostapd, so that would be an external script or program
doing network stack configuration.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list