fragattacks/src/l2_packet
Davide Caratti d89edb6112 wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST
When wpa_supplicant is running on a Linux interface that is configured in
promiscuous mode, and it is not a member of a bridge, incoming EAPOL
packets are processed regardless of the Destination Address in the frame.
As a consequence, there are situations where wpa_supplicant replies to
EAPOL packets that are not destined for it.

This behavior seems undesired (see IEEE Std 802.1X-2010, 11.4.a), and can
be avoided by attaching a BPF filter that lets the kernel discard packets
having pkt_type equal to PACKET_OTHERHOST.

Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
2018-04-02 12:21:27 +03:00
..
l2_packet_freebsd.c Work around Linux packet socket regression 2015-01-31 17:21:58 +02:00
l2_packet_linux.c wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 2018-04-02 12:21:27 +03:00
l2_packet_ndis.c Work around Linux packet socket regression 2015-01-31 17:21:58 +02:00
l2_packet_none.c Work around Linux packet socket regression 2015-01-31 17:21:58 +02:00
l2_packet_pcap.c Fix wpa_supplicant build with CONFIG_L2_PACKET=pcap 2016-01-01 16:50:24 +02:00
l2_packet_privsep.c Remove trailing whitespace 2016-12-28 14:31:42 +02:00
l2_packet_winpcap.c Work around Linux packet socket regression 2015-01-31 17:21:58 +02:00
l2_packet.h wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST 2018-04-02 12:21:27 +03:00
Makefile tests: Add eapol-fuzzer 2015-04-22 11:44:19 +03:00