[hostapd] Multicast packets not encrypted

linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Dennis Borgmann <dennis.borgmann@googlemail.com>
To: hostap@lists.shmoo.com
Cc: linux-wireless@vger.kernel.org
Subject: [hostapd] Multicast packets not encrypted
Date: Thu, 26 May 2011 23:25:40 +0200	[thread overview]
Message-ID: <4DDEC554.9080702@googlemail.com> (raw)

Hi!

I am using an encrypted connection with two dedicated devices using 
freeradius and hostapd with eap encryption - respectively 
wpa_supplicant. Everything is working fine, except transmission of 
multicast packets.

I put an independant device into monitor mode and - as to be expected - 
I can only see encrypted packets. Apart from multicast packets - those I 
can read in plain.

How can this be?

On the machines using the wireless encryption this routing table is present:

:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use 
Iface
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 
wlan0
224.0.0.0       0.0.0.0         240.0.0.0       U     0      0        0 
wlan0

Once I issue a

ping 224.0.0.1

I can read the ping packets in plain on the machine with the wireless 
card in monitor mode. Apart from that, the machine, that should receive 
the multicast packet, does not "see" the multicast packets (nothing to 
see in tcpdump of the respective receiver device, that is part of the 
encrypted connection).

Any suggestions?

Best regards,
Dennis

                 reply	other threads:[~2011-05-26 21:25 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4DDEC554.9080702@googlemail.com \
    --to=dennis.borgmann@googlemail.com \
    --cc=hostap@lists.shmoo.com \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).