OpenWrt Forum Archive

Topic: How to kick/deauth a 802.11/WiFi client

The content of this topic has been archived on 4 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

It is embarrassing how long it took me to find how to do this properly. Google failed in this instance. I am posting this here in the hopes that this will help others in the future.

This is how you kick/deauthenticate a client from the command line.

# This is the official/proper way to /kickdeathenticate a client. However, this requires hostapd_cli, which is not installed by default.
# Install the "hostapd-utils" package for hostapd_cli.
hostapd_cli deauthenticate $MAC_ADDRESS

# Note that for a multi-radio AP (most are these days), you will need to specify the radio/interface the client is on:
hostapd_cli -i wlan0 deauthenticate $MAC_ADDRESS

# This method does not send a deauth packet. It literally just drops the client dead from the auth table without a proper goodbye.
iw dev $IFACE station del $MAC_ADDRESS

Note that a client may reasonable choose to immediately reconnect if they are deauthenticated... or maybe not. I get the impression that this is not defined in the 802.11 specifications so it's up to the client to decide how to behave, otherwise there would probably be a temp-deauth and perm-deauth type message for kicking clients temporarily (AP reboot) or permanently (GTFO my network and don't retry).

Also take note that as of this time, openwrt does NOT log client disconnects, which is not good in my option. Set "option log_level 1" in your "config wifi-device" section of your "wireless" file. The default is 2, 1 will show disconnects.

I needed to deauth clients for troubleshooting purposes.

(Last edited by jmomo on 4 Feb 2016, 11:40)

You can use ubus calls to kick clients, no need to install hostapd-cli.

ubus call hostapd.wlan0 del_client '{"addr":"00:00:ca:ff:ee:00", "reason":1, "deauth":true, "ban_time":1000}'

If you specify a "ban_time" then the client is not allowed to reassociate for the given amount of milliseconds, leave it out to allow clients to reconnect immediately.

The reason is one of the WLAN_REASON_* defines from https://w1.fi/wpa_supplicant/devel/ieee … fs_8h.html

jow wrote:

You can use ubus calls to kick clients, no need to install hostapd-cli.

ubus call hostapd.wlan0 del_client '{"addr":"00:00:ca:ff:ee:00", "reason":1, "deauth":true, "ban_time":1000}'

If you specify a "ban_time" then the client is not allowed to reassociate for the given amount of milliseconds, leave it out to allow clients to reconnect immediately.

The reason is one of the WLAN_REASON_* defines from https://w1.fi/wpa_supplicant/devel/ieee … fs_8h.html


WOoooooo!  Thanks jow. That doc link is exactly the kind of thing I wanted to see. I'm going to be looking that over.

Also why is the website crawling? It has been like that for the last two days. I'm in the US, Seattle WA area.

(Last edited by jmomo on 4 Feb 2016, 11:43)

jow wrote:

You can use ubus calls to kick clients, no need to install hostapd-cli.

ubus call hostapd.wlan0 del_client '{"addr":"00:00:ca:ff:ee:00", "reason":1, "deauth":true, "ban_time":1000}'

If you specify a "ban_time" then the client is not allowed to reassociate for the given amount of milliseconds, leave it out to allow clients to reconnect immediately.

The reason is one of the WLAN_REASON_* defines from https://w1.fi/wpa_supplicant/devel/ieee … fs_8h.html

How can I unban a banned MAC address from this command?

(Last edited by hillz on 29 Jan 2017, 19:28)

with murder death kill of course

I know this is an old question, but couldn't find the answer.

- how can I unban a client after I run

ubus call del_client

command?
- Does pass

ban_time: 0

unban the client?


thanks!

carlitonueno wrote:

- Does pass

ban_time: 0

unban the client?


thanks!

yes

@hillz thanks!

The discussion might have continued from here.