[isf-wifidog] WIfidog client and non-authenticated user isolation
Rein Petersen
rein.petersen at gmail.com
Dim 19 Fév 16:47:37 EST 2006
Hey Max,
Thanks for letting me know about wl0_ap_isolate option in wifidog client -
it's nice to know that authenticated users have some protection from wanton
wardrivers. I'll be proposing that we implement the feature on all routers
part of the Wireless Toronto network.
Thanks again, Rein
On 2/19/06, Max Horváth <max.horvath at maxspot.de> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Rein,
>
> Rein Petersen wrote:
>
> > Hi All,
> >
> > I was performing a few tests with Wifidog client and found that a
> > non-authenticated user was able to ping authenticated users.
> >
> > Is OpenWRT capable of isolating all network activity of non-
> > authenticated users (by MAC address I suppose) to protect legit
> > users from war-drivers?
>
> There is no filtering possible.
>
> What you might do is setting the NVRAM variable wl0_ap_isolate to the
> value of 1. This will enable AP client isolation. It means that you
> hide clients from each other. Setting it to 0 (which is enabled by
> default) means that you allow clients to see each other.
>
> So wl0_ap_isolate=1 will not only disallow any communication between
> unauthenticated users, but all. It is what we here at maxspot did.
> Just to meet security issue. Cause it turns out that you cannot just
> filter between authenticated and unauthenticated users.
>
-------------- section suivante --------------
Une pièce jointe HTML a été enlevée...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060219/3df2b348/attachment.htm
More information about the WiFiDog
mailing list