I know people used Parprouted to help with bridging wired with wireless. Have a look at it. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ----- Original Message ----- > From: "C. L. Martinez" <carlopmart@xxxxxxxxx> > To: "Discussion about the virtualization on CentOS" <centos-virt@xxxxxxxxxx> > Sent: Thursday, 24 September, 2015 14:52:56 > Subject: Re: OT: adding a wifi adapter to openvswitch > On Thu, Sep 24, 2015 at 2:08 PM, Dmitry E. Mikhailov > <d.mikhailov@xxxxxxxxxxxxxxxxxxxxx> wrote: >> On 09/24/2015 04:47 PM, Alvin Starr wrote: >>> >>> Actually I do a similar thing. >> >> Do you? >> >>> I use a VM as my home/office firewall. >> >> If your laptop/server/smth is permanently wired to the internet, there's no >> problem to bridge this interface to the VM. >> >> But the topic starter wants to connect to the cable or wifi and still have a >> firewall VM. WiFi client connection with WPA(2) PSK encryption does allow >> only the station's MAC in the air. >> >> Thus topic starter needs some hotplug event scripting, wpa_supplicant being >> started manually, fancy ebtables rules to make it work, some way to notice >> the fw WM that network config changed so it would rerun dhclient. Yea, and >> he should have some GUI/TUI to have it managed. No NetworkManager GUI here. >> >>> >>> It works quite well and I would argue it is as secure as your standard >>> firewall based on something like openWRT running on dedicated hardware. >> >> As aforementioned, it's a bit complicated setup. And if you're thinking >> security-wise, imagine you need T#r or some fancy VPN to get your job done >> AND due to some miniscule scripting glitch a SINGLE packet would fly out of >> your real IP address - you're busted. >> >> To be self-assured during such an intimate workout, you'd want to have a >> physical cable to the physical router that's perforing the encryption job. >> No VPN/T#r/smth - no juice. Simple, bulletproof. >> >>> I also run a wireless AP in bridged mode to allow local network access >>> on an appliance. >> >> Do you connect to the AP wirelessly as the client to have a firewall VM >> running over that WiFi? >> >> Or have you connected the AP via cable to the server/router with fw VM to >> provide connectivity to other clients? >> >>> There should be no reason that you could not put both on the same >>> physical hardware. >> >> You could. But it's hard to use in everyday life of typical usage. If the >> user is a sysadm/hacker who doesn't mind issuing several commands from the >> console upon every succesful wifi/wired connection - then welcome! >> >>> As for the openvswitch original question. >>> Openvswitch has an API that you can access to manage your traffic along >>> with supporting Openflow. >>> If you can get events from your wireless interface then you could write >>> some programs to connect to the switch API. >> >> I do want to see a neat solution please. May be I'm just too lazy. >> > > Thank you both for your help, I have done another test. I have setup > another laptop with windows 2012 R2 Hyper-V and I have bridged > wireless interface and assigned this bridge to a vm guest, and voila!! > works without problem. Using some powershell scripts, I can change > between SSID's without problems. Easy, really easy. And I don't need > to use WDS features, > > I don't understand why it doesn't works with CentOS using the same > approach. I am trying using brctl commands, but it doesn't works also > because wlan0 can't authenticate with AP ... > _______________________________________________ > CentOS-virt mailing list > CentOS-virt@xxxxxxxxxx > https://lists.centos.org/mailman/listinfo/centos-virt _______________________________________________ CentOS-virt mailing list CentOS-virt@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-virt