RE: Current state of security features

From: Keith Heinemann (
Date: 2002-03-07 03:08:07 UTC


> One feature I have seen on Cisco Aironet APs is the ability to

> inter-client forwarding (i.e. all traffic must go out the
ethernet port) -

> can this be done on the AP software for Linux ?

        I have in the past faked this kind of thing on ethernet by blocking broadcast/multicast frames. if you block broadcasts, machines can no longer find each other, though they communicate just fine if you use static arps. this isn't perfect from a security standpoint if evestropping is employed, but it will keep a casual user from 'pinging around' in their subnet.

        disabling inter-client repeating would be a great feature!         



This archive was generated by hypermail 2.1.4.