OpenWrt/LEDE Project

  • Status Researching
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Martin Weinelt - 13.12.2019

FS#2673 - rsn_preauth_interface should be configurable

OpenWrt currently automatically uses the client-facing interface ($network_bridge) as rsn_preauth_interface.

https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/network/services/hostapd/files/hostapd.sh;h=4bf6a6c9712785f40d059445f80f19d4f2992f4b;hb=HEAD#l554

It would be preferable to be able to configure this manually, since this is the interface where 802.11i preauthentication frames are transmitted over. This should not be mixed with the actual client network.

The hostapd configuration says the following:

# Space separated list of interfaces from which pre-authentication frames are
# accepted (e.g., 'eth0' or 'eth0 wlan0wds0'. This list should include all
# interface that are used for connections to other APs. This could include
# wired interfaces and WDS links. The normal wireless data interface towards
# associated stations (e.g., wlan0) should not be added, since
# pre-authentication is only used with APs other than the currently associated
# one.
#rsn_preauth_interfaces=eth0
Martin Weinelt commented on 14.12.2019 15:30

On second thought without something to forward those frames to the management interface that wouldn't work either.

The `rsn_preauth_copy_iface` option was unfortunately never merge.
https://lists.infradead.org/pipermail/hostap/2016-February/035080.html

Project Manager
Daniel Golle commented on 29.01.2020 06:40

I believe something like rsn_preauth_copy-iface will be needed when using AP-STA isolation and bridge port isolation (which is common in public networks)...

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing