Re: IEEE 802.11 management frames filtering with nftables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jul 25, 2023 at 3:18 PM Michael Richardson <mcr@xxxxxxxxxxxx> wrote:
> Opty <opty77@xxxxxxxxx> wrote:
>     > can I filter IEEE 802.11 management frames with nftables?
>
>     > I want to get rid off
>
>     > root@tplink:~# logread -e 'hostapd: wlan0: STA d8:1f:12:33:9e:aa IEEE
>     > 802.11: did not acknowledge authentication response' | wc -l 12982
>
> I don't think that this is a message about a frame, so whatever nftables does
> makes no difference.
> It's a message from hostapd saying that it got no reply.

Not directly but related.

IIRC from my own experience these messages indicate weak signal of a
device trying to authenticate.

>
>     > flooding the log but I'd also like to know about it in an aggregated
>     > form (like 1/hour). From what I've read so far I got an impression that
>     > those frames won't get it to nftables unless hostapd authenticates the
>     > STA.
>
> I think you'd have to change hostapd code.
> If your goal is to limit that message to once/hour for all stations, that
> probably easy.  If you want to limit it to once/hour/station, then that might
> require more infrastructure to remember things.

Unfortunately (?) won't happen -- low cost/benefit ratio.

I gave up some time ago and started using MAC address filter which
seems to work so far although I can't easily prove it. :-)

Regards,
Opty

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap




[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux