OpenWrt Forum Archive

Topic: is possible to filter wifi?

The content of this topic has been archived on 5 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Filtering (iptables) between wifi, lan and wan works without trouble.
Is it possible to filter communication on the wifi device?

When ap_isolated is set, clients cannot communicate with each other.
When isolation is not set, no communication can be blocked.

How to filter and is it possible?

What do you mean by filtering? For me AP isolation is fine. If you want more advanced filtering, then you have to dedicate a tun interface to each Wi-Fi client you have, and this usually requires chillispot and a logging/authentication system behind it.

filtering = to use iptables

interface for each wifi client? .... brrr

Does anyone have a different method?

(Last edited by reset on 3 Jan 2006, 23:36)

To filter between wireless clients using iptables would require that each wireless client is on a different VLAN, so that packets go through the Linux routing engine (and therefore also iptables).

As far as I know, this is not possible.  Any filtering you want to do would need to be done at Layer 2 (in the wireless ethernet layer), whereas iptables operates at layer 3 (in the IP stack).  There is no layer 2 filtering in the wireless hardware or software.

So the answer is no, you can't do this.

disadvantage, ... thx

kaldek wrote:

To filter between wireless clients using iptables would require that each wireless client is on a different VLAN, so that packets go through the Linux routing engine (and therefore also iptables).

Alternatively, configure each wireless client on a separate /30 subnet, and configure a virtual interface on the wireless interface with the other half of the /30 subnet.

That will force all traffic from the wireless client through the WRT, so you can firewall/route/etc to your heart's content.

Cheers,
Martin.
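
The /30-per-client scheme from the post above, written out as a dry-run generator; this is an added example, not code from the thread. The interface name wl0, the 192.168.10.0/24 range, the client numbering and the sample allow rule are assumptions, as is a wireless interface that is routed rather than bridged into the LAN.

```shell
#!/bin/sh
# Added example: plan one /30 per wireless client and print the commands
# that force client-to-client traffic through the FORWARD chain.
WIFI_IF=wl0          # assumed wireless interface name
BASE=192.168.10      # assumed /24 to carve into 64 /30 blocks

is_num() { case "$1" in ''|*[!0-9]*) return 1 ;; esac; }

# Client index n (0..63) owns block n*4: network, router, client, broadcast.
valid_index() { is_num "$1" && [ "$1" -le 63 ]; }
router_ip() { echo "$BASE.$(( $1 * 4 + 1 ))"; }
client_ip() { echo "$BASE.$(( $1 * 4 + 2 ))"; }

# Router-side half of client n's /30, added as a secondary address
# (the role of the "virtual interface" in the post).
emit_addr() {
    valid_index "$1" || { echo "bad client index: $1" >&2; return 1; }
    echo "ip addr add $(router_ip "$1")/30 dev $WIFI_IF"
}

# Allow client a to open TCP connections to client b on one port.
emit_allow() {
    valid_index "$1" && valid_index "$2" && is_num "$3" || return 1
    echo "iptables -A FORWARD -i $WIFI_IF -o $WIFI_IF -s $(client_ip "$1") -d $(client_ip "$2") -p tcp --dport $3 -j ACCEPT"
}

# Full plan for the first $1 clients: addresses, return traffic,
# explicit allows, then drop everything else between wireless clients.
emit_plan() {
    n=0
    while [ "$n" -lt "$1" ]; do
        emit_addr "$n"
        n=$((n + 1))
    done
    echo "iptables -A FORWARD -i $WIFI_IF -o $WIFI_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    emit_allow 0 1 22    # constructed sample policy: client 0 may SSH to client 1
    echo "iptables -A FORWARD -i $WIFI_IF -o $WIFI_IF -j DROP"
}

# Dry run: review the printed commands before applying them on the router.
emit_plan 3
```

The clients still share one Layer 2 segment, so these rules only bind clients that keep their assigned /30 settings.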

uu, good idea,
i will try soon, thx
