2016-02-05 06:22:58

by brian demsky

Subject: Finer grained control than ap_isolate

Is there a mechanism that can be used to allow some clients/ports on a
given SSID and AP to communicate, but to block others from
communicating?

In other words, can I implement something like firewall rules between
clients on the same SSID/AP?

Thanks,
Brian

2016-02-05 10:24:58

by Felix Fietkau

Subject: Re: Finer grained control than ap_isolate

On 2016-02-05 07:22, brian demsky wrote:
> Is there a mechanism that can be used to allow some clients/ports on a
> given SSID and AP to communicate, but to block others from
> communicating?
>
> In other words, can I implement something like firewall rules between
> clients on the same SSID/AP?
You might be able to use ap_isolate + bridge hairpin mode + ebtables.

- Felix