From: Santiago Garcia Mantinan (hostap_at_manty.net)
Date: 2002-07-15 16:44:17 UTC
Hi!
I'm new to this so sorry if I'm asking something silly, maybe I didn't understand this well :-?
I'm running an AP using hostap on a prism 2.5 card (conceptronic) and I'd like to have this in open mode, so I configured it with a key and told it to be in open mode, iwconfig confirms this:
Mode:Master
Encryption key:XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XX Encryption mode:open
Also I have some clients using also the hostap driver and if I configure them to use the same key as the AP it works, but if I tell them to use no key at all they don't. When not working iwconfig confirms that they are not using any key:
Mode:Managed
Encryption key:off
Doing tcpdumps on both machines one can see what is going on, and seems to me like the outgoing packages of the AP to this unencrypted machine are going encrypted, as the receiving machine doesn't show them. Could this be it?
If so... are there any fixes available? maybe it is just that I'm doing something wrong, as I have tried from last released driver to latest cvs and they all behave this way.
This is the tcpdump on the managed machine:
11:03:58.321977 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:59.320564 arp who-has 192.168.0.1 tell 192.168.0.2 11:04:00.320553 arp who-has 192.168.0.1 tell 192.168.0.2
And this is the same on the AP:
11:03:48.992788 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:48.992831 arp reply 192.168.0.1 is-at 0:50:c2:1:9b:99 11:03:48.993100 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:49.991415 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:49.991454 arp reply 192.168.0.1 is-at 0:50:c2:1:9b:99 11:03:49.991726 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:50.991277 arp who-has 192.168.0.1 tell 192.168.0.2 11:03:50.991316 arp reply 192.168.0.1 is-at 0:50:c2:1:9b:99 11:03:50.991582 arp who-has 192.168.0.1 tell 192.168.0.2
I was wondering why the double arp packages but I suppose that is ok as it only happens when the receving station doesn't understand the sending one, if they are working ok then there is only one arp request.
One thing I was wondering around all this, is there any way to differenciate the packages that came encrypted from those that didn't? This is looking to cutting some ports with iptables for the machines that are not encrypted and things like that.
Thanks in advance...
-- Manty/BestiaTester -> http://manty.net