Filter traffic on access point

Multi tool use
Multi tool use

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
-1
down vote

favorite












I am running a Wi-Fi access point on a RPI using hostapd and dnsmasq.
I would like to enforce traffic filtering on the same subnet. Basically I want to forbid some devices to communicate with other devices on the same subnet.



I tried to do it using iptables or ebtables but it seems the traffic does not hit the rules when it goes throught the access point.



Is there a way to enforce traffic filtering ?



I used ap_isolate=1 but this forbids any communication between device on the subnet, I would like to have something more flexible.



Thanks a lot







share|improve this question





















  • Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
    – dreua
    Jul 18 at 18:36
















up vote
-1
down vote

favorite












I am running a Wi-Fi access point on a RPI using hostapd and dnsmasq.
I would like to enforce traffic filtering on the same subnet. Basically I want to forbid some devices to communicate with other devices on the same subnet.



I tried to do it using iptables or ebtables but it seems the traffic does not hit the rules when it goes throught the access point.



Is there a way to enforce traffic filtering ?



I used ap_isolate=1 but this forbids any communication between device on the subnet, I would like to have something more flexible.



Thanks a lot







share|improve this question





















  • Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
    – dreua
    Jul 18 at 18:36












up vote
-1
down vote

favorite









up vote
-1
down vote

favorite











I am running a Wi-Fi access point on a RPI using hostapd and dnsmasq.
I would like to enforce traffic filtering on the same subnet. Basically I want to forbid some devices to communicate with other devices on the same subnet.



I tried to do it using iptables or ebtables but it seems the traffic does not hit the rules when it goes throught the access point.



Is there a way to enforce traffic filtering ?



I used ap_isolate=1 but this forbids any communication between device on the subnet, I would like to have something more flexible.



Thanks a lot







share|improve this question













I am running a Wi-Fi access point on a RPI using hostapd and dnsmasq.
I would like to enforce traffic filtering on the same subnet. Basically I want to forbid some devices to communicate with other devices on the same subnet.



I tried to do it using iptables or ebtables but it seems the traffic does not hit the rules when it goes throught the access point.



Is there a way to enforce traffic filtering ?



I used ap_isolate=1 but this forbids any communication between device on the subnet, I would like to have something more flexible.



Thanks a lot









share|improve this question












share|improve this question




share|improve this question








edited Jul 19 at 6:18
























asked Jul 18 at 15:58









Mike

11




11











  • Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
    – dreua
    Jul 18 at 18:36
















  • Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
    – dreua
    Jul 18 at 18:36















Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
– dreua
Jul 18 at 18:36




Assuming you are talking of Wifi Clients there might be a way, searching for "wifi client isolation" I found this among other things: security.stackexchange.com/questions/16751/…
– dreua
Jul 18 at 18:36















active

oldest

votes











Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f457044%2ffilter-traffic-on-access-point%23new-answer', 'question_page');

);

Post as a guest



































active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes










 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f457044%2ffilter-traffic-on-access-point%23new-answer', 'question_page');

);

Post as a guest













































































H4eIm pAYxsmQ C3a4XjBohseC1YJjkrUkyQKwF6PyIr7mgAeYXCk Oc,rLCnXhxb V8W,brf,Kn
apPUDzEV,hNf2TRv,1CSIBCiHUW6OZPmHjuxUR S5sPrg J4rDYLD,Swd

Popular posts from this blog

How to check contact read email or not when send email to Individual?

How many registers does an x86_64 CPU actually have?

Displaying single band from multi-band raster using QGIS