Source code pulled from OpenBSD for OpenNTPD. The place to contribute to this code is via the OpenBSD CVS tree.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

86 lines
2.3 KiB

18 years ago
18 years ago
  1. # $OpenBSD: hostapd.conf,v 1.11 2007/02/27 20:53:45 david Exp $
  2. # sample hostapd configuration file
  3. # see hostapd.conf(5)
  4. # "wavelan is a battle field"
  5. #
  6. # Macros
  7. #
  8. # Define macros for the interfaces to be used by hostapd. The "wlan"
  9. # interface is optional.
  10. wlan="ath0"
  11. wired="sis0"
  12. #
  13. # Tables
  14. #
  15. # Define the MAC addresses (BSSIDs) for your accesspoints in a table.
  16. table <myess> {
  17. 00:90:4b:0d:fd:c8,
  18. 00:02:6f:21:ea:8b
  19. }
  20. # Address masks are providing a simple way to match by MAC vendor ID.
  21. #
  22. # table <senao> { 00:02:6f:ff:ff:ff & ff:ff:ff:00:00:00 }
  23. #
  24. # Global options
  25. #
  26. # Comment this option to run hostapd in passive IAPP logging mode.
  27. set hostap interface $wlan
  28. # Use default radiotap mode.
  29. set hostap mode radiotap
  30. # Uncomment these options to jump to the next channel every 2 seconds.
  31. #set hostap hopper interface $wlan
  32. #set hostap hopper delay 2000
  33. # Use multicast (according to the revised standard).
  34. set iapp interface $wired
  35. set iapp mode multicast
  36. # The following mode is compatible to some pre-standard IAPP implementations
  37. #set iapp mode broadcast port 2313
  38. #
  39. # Event rules
  40. #
  41. # Log probe requests.
  42. hostap handle type management subtype probe request \
  43. with iapp type radiotap
  44. # Log and annoy foreign accesspoints.
  45. #
  46. # This will be logged as well but the important thing is to
  47. # annoy other accesspoints in your wireless territory.
  48. hostap handle type data bssid !<myess> \
  49. with frame type management subtype deauth reason auth expire \
  50. from &bssid to ff:ff:ff:ff:ff:ff bssid &bssid
  51. # The first de-auth example will not work with some newer stuff, like
  52. # iwi(4)/ipw(4) "centrino", because they ignore management frames to
  53. # the broadcast address as a countermeasure against the "void11"
  54. # attack.
  55. #
  56. # hostap handle type data bssid !<myess> \
  57. # with frame type management subtype deauth reason auth expire \
  58. # from &bssid to &from bssid &bssid
  59. # Detect flooding of management frames except beacons.
  60. # This will detect some possible Denial of Service attacks
  61. # against the IEEE 802.11 protocol (like "void11").
  62. hostap handle skip type management subtype ! beacon \
  63. with log \
  64. rate 100 / 10 sec
  65. # Finally log any rogue accesspoints limited to every second.
  66. hostap handle skip type management subtype beacon bssid !<myess> \
  67. with iapp type radiotap limit 1 sec