[arch-general] hostapd + ap_isolate
Erich Eckner
arch at eckner.net
Sat Oct 23 11:35:09 UTC 2021
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sat, 23 Oct 2021, Uwe Sauter via arch-general wrote:
>
>>> Does the following quote, copied from
>>> https://wiki.archlinux.org/title/Network_Debugging#Tcpdump, relevant?
>>
>>> they can only see outbound packets the firewall passes through:
>>> [https://superuser.com/questions/925286/does-tcpdump-bypass-iptables]
>>
>>> Perhaps you should disable the firewall, or loosen it, while debugging.
>>
>> Thanks for the hint, but it does not apply: (one of) the clients doesn't
>> even have a firewall enabled and I still cannot see the packages. To me,
>> it looks, like it doesn't even try to send the pings, because it maybe
>> thinks, the target is not reachable anyways ...
>>
>
>
> From my experience, tcpdump connects to the interface and you will see all
> traffic regardless of firewall settings, given you have the permissions.
>
> In your case I'd first verify that layer 2 is working correctly (layer 2 is
> ethernet or wifi). So I'd use the utilities provided by "wpa_supplicant" or
> "iw" to see if the "hardware connection" is working as expected.
>
> If your wifi card didn't connect on layer 2 it has no reasons to configure
> layer 3 (IP, IPv6) and above.
Well, layer 2 works, if it is needed for connections between the client
and the access point.
Layer 2 should already see mac addresses, right? Can you point me to a
command, which scans on layer 2 for all macs? I seem to only find how to
see the available access points (which works as expected) and using nmap
to ping around - which fails as expected :-/
Do you know any command to query the interface regarding routing
information (similar to what `ip route` does on layer 3 for the whole
machine)?
>
>
> Regards,
>
> Uwe
regards,
Erich
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAmFz824ACgkQCu7JB1Xa
e1ovXA//cqmtbQ8ZqGh2PKY/ec7B3uq1EDR8iVNQR8t1BC0LFBNDFlisoeVlIm5L
ULlnpdCESNIX0tDNBebj9KsXjIz2cCrrpfTkQES82ndCo+j0LIsf95ql1NBB3QA2
ZkK4IjsNsWD3D9PLVvHgwFOD+EEwY1g9i8GzB/PlE2ckBiXu4PrkG3LJ0S/5PpsS
i04xfdjddXpgTyZCbbpL+33o5S+/Yw4aOdUHfbvJZUxIoj5TNidoLGA41RndNJ9/
SkUXKNw8AA1vUUgdbbo4VL9eCWJgrEe4z1HG1xbQyWKZ67NQtvnh4lLTtAqkJgoo
m+Y50Wc6jP6fPAuKz8PXe+NRF4BbLpsu1dXZNqplbOeBkgpiRdrJmPn8Y7HErtEe
M4o7W54ov8lBT4vsHXD9AGjYY6ododcMKvcePq3/OHh3c9dA4mJUPHYommf4izY5
4pPVLBQXqn6H0UMALXIyFBpOkPCifP1Ghl9ZW9QAoRPF1mbpuavlRBChSD2S0QRq
Em8sfQH5gTJi9ykni5B5uBs4LsP9yBuerRr3hOQhi2nNUgN+agpXyfh7Jfk8yY+D
oYJQ2CfNo9JFolVr0fB18Jq2O27WRsnExPMUjluTcaw8UqkgXNrdYjRG/o0+VfN3
yWjV+vaol6Oap40tIUzxBQxkxgitLUrROQnYp9MBoZ3W1rr5KXg=
=czaz
-----END PGP SIGNATURE-----
More information about the arch-general
mailing list