summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
authorStefan Sperling <stsp@cvs.openbsd.org>2019-05-12 18:12:39 +0000
committerStefan Sperling <stsp@cvs.openbsd.org>2019-05-12 18:12:39 +0000
commit49dd31dd5a852757b2818bb6cb06e47359a2805f (patch)
tree243bc3b93e297de5c5ad8f7921e792ab2eab9913 /sbin
parent2a03bceaad425dceec26ca3e65f26b2bf6e157fe (diff)
Fix 'ifconfig nwflags; These flags ended up overlapping with other flags
in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future. Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@ ok beck@ phessler@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/ifconfig/ifconfig.821
1 files changed, 15 insertions, 6 deletions
diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index c28490708f7..9eaa85c22fa 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ifconfig.8,v 1.335 2019/05/10 18:27:50 akoshibe Exp $
+.\" $OpenBSD: ifconfig.8,v 1.336 2019/05/12 18:12:37 stsp Exp $
.\" $NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
.\" $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
.\"
@@ -31,7 +31,7 @@
.\"
.\" @(#)ifconfig.8 8.4 (Berkeley) 6/1/94
.\"
-.Dd $Mdocdate: May 10 2019 $
+.Dd $Mdocdate: May 12 2019 $
.Dt IFCONFIG 8
.Os
.Sh NAME
@@ -969,22 +969,31 @@ Show the list of currently configured auto-join networks.
Remove all networks in the list of auto-join networks.
.It Cm nwflag Ar flag
Set specified flag.
-The flag name can be either
-.Ql hidenwid
-or
-.Ql nobridge .
+The flag name can be:
+.Bl -tag -width tenletters
+.It hidenwid
The
.Ql hidenwid
flag will hide the network ID (ESSID) in beacon frames when operating
in Host AP mode.
It will also prevent responses to probe requests with an unspecified
network ID.
+.It nobridge
The
.Ql nobridge
flag will disable the direct bridging of frames between associated
nodes when operating in Host AP mode.
Setting this flag will block and filter direct inter-station
communications.
+.It stayauth
+The
+.Ql stayauth
+flag will cause the interface to ignore deauth frames.
+This flag should only be used on wifi networks which are being
+attacked with spoofed deauth frames.
+It breaks interoperability with spectrum management solutions and access
+points that perform band-steering of clients.
+.El
.Pp
Note that the
.Ql hidenwid