From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-10-12 10:44:24 UTC
On Mon, Sep 30, 2002 at 09:18:01AM -0300, Luiz Felipe Ceglia wrote:
> I have the need to allow some devices only connected to the box's eth0 pass.
eth0?? That's the wired ethernet device, not wireless(?)
> I issued the following commands:
>
> iwpriv wlan0 maccmd 1
> iwpriv wlan0 maccmd 4
> iwpriv wlan0 addmac 01:02:03:04:05:06
These seems to be correct, if you intend to kick out all associated (wireless) stations and in the future allow only station with hwaddr 01:02:03:04:05:06 to authenticate in the future. If you had any associated stations before issuing these commands, they should be deauthenticated and no frames should be accepted from them.
> I can still ping the host I have connected to eth0
Ping from which host? If you are pinging from a station associated to the wireless device (wlan0), it should not be able to ping any hosts in eth0 after this (assuming you do not have another AP that would allow this, etc.).
-- Jouni Malinen PGP id EFC895FA