Am 03.12.2015 um 20:40 schrieb Wegener, Norbert: > In 2007 this has been a question on this list: > http://lists.shmoo.com/pipermail/hostap/2007-October/016418.html > and the answer then was. >> hostapd does not implement the IEEE 802.1X port access entity (PAE) that would actually be >> needed to filter packets. In other words, hostapd alone is not enough implement a wired >> authenticator+port control. > > Is this still true? If so: I did not find much about PAEs. Does anyone know about a PAE implementation on Linux? > > Norbert Wegener the linux kernel recently got a macvlan source mode added upstream which can be exploited for this. I once implemented a driver for this [1]. It needs a libnl patch to work [2]. I'm using this with VLANs only. In order for this to work with non-VLAN stations, you might either choose to add/adopt the sta_add/sta_set_flags driver api or force all stations into some non-zero VLAN. Regards, M. Braun [1] https://stash.fem.tu-ilmenau.de/projects/CAMPUSWLAN/repos/hostapd/commits/1fb5edf07b4c8765ac377f69d1d77bbe0a085833#src/drivers/driver_wiredng.c [2] http://git.fem.tu-ilmenau.de/?p=fem-wlan.git;a=blob;f=package/libs/libnl/patches/0001-macvlan-add-support-for-source-mode.patch;h=4572e10f54bf809bdd3659bcda220d81dfbff63e;hb=refs/heads/femwlan_stage2.kernel3.18.11 > > > > > > > > _______________________________________________ > Hostap mailing list > Hostap@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/hostap > _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
