ebtables interaction hostapd
I have setup an 802.1x with EAP-TLS environment with hostap and a freeradius-server. XP clients can successfully authenticate themselfs.
Used machines:
- one OpenSuse11 setup as a bridge with hostap, brctl and ebtables installed
- one OpenSuse11 setup as freeradius
- one XP client machine
But the problem is how to connect the hostapd with ebtables. If a client successfully authenticates (= Access-accept message), allow traffic from this client to pass the bridge.
It would be feasible to parse the logs of the hostapd and adapt the ebtable rules. F.i. if a mac-address gets an access accept message then perform ebtables -t broute -A mac -j ACCEPT.
Is there another way to do the interaction between ebtables and hostap? What is the purpose of hostap if it can authenticate clients but doesn't act on client authentication. I know hostap doesn't have a port access entity.
Thanks in advance!
|