On Tue, Jul 25, 2023 at 3:18 PM Michael Richardson <mcr@xxxxxxxxxxxx> wrote: > Opty <opty77@xxxxxxxxx> wrote: > > can I filter IEEE 802.11 management frames with nftables? > > > I want to get rid off > > > root@tplink:~# logread -e 'hostapd: wlan0: STA d8:1f:12:33:9e:aa IEEE > > 802.11: did not acknowledge authentication response' | wc -l 12982 > > I don't think that this is a message about a frame, so whatever nftables does > makes no difference. > It's a message from hostapd saying that it got no reply. Not directly but related. IIRC from my own experience these messages indicate weak signal of a device trying to authenticate. > > > flooding the log but I'd also like to know about it in an aggregated > > form (like 1/hour). From what I've read so far I got an impression that > > those frames won't get it to nftables unless hostapd authenticates the > > STA. > > I think you'd have to change hostapd code. > If your goal is to limit that message to once/hour for all stations, that > probably easy. If you want to limit it to once/hour/station, then that might > require more infrastructure to remember things. Unfortunately (?) won't happen -- low cost/benefit ratio. I gave up some time ago and started using MAC address filter which seems to work so far although I can't easily prove it. :-) Regards, Opty _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap