From 49dd31dd5a852757b2818bb6cb06e47359a2805f Mon Sep 17 00:00:00 2001 From: Stefan Sperling Date: Sun, 12 May 2019 18:12:39 +0000 Subject: Fix 'ifconfig nwflags; These flags ended up overlapping with other flags in ieee80211com's ic_flags because we haven't been paying attention to them (they're not in the same place in the code and hence easy to miss). Move them to a dedicated variable to avoid this problem in the future. Add a new 'stayauth' nwflag which can be set to let net80211 ignore deauth frames. This can be useful when deauth frames are being persistently spoofed by an attacker. Idea from beck@ ok beck@ phessler@ --- sbin/ifconfig/ifconfig.8 | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) (limited to 'sbin/ifconfig') diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8 index c28490708f7..9eaa85c22fa 100644 --- a/sbin/ifconfig/ifconfig.8 +++ b/sbin/ifconfig/ifconfig.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ifconfig.8,v 1.335 2019/05/10 18:27:50 akoshibe Exp $ +.\" $OpenBSD: ifconfig.8,v 1.336 2019/05/12 18:12:37 stsp Exp $ .\" $NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $ .\" $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $ .\" @@ -31,7 +31,7 @@ .\" .\" @(#)ifconfig.8 8.4 (Berkeley) 6/1/94 .\" -.Dd $Mdocdate: May 10 2019 $ +.Dd $Mdocdate: May 12 2019 $ .Dt IFCONFIG 8 .Os .Sh NAME @@ -969,22 +969,31 @@ Show the list of currently configured auto-join networks. Remove all networks in the list of auto-join networks. .It Cm nwflag Ar flag Set specified flag. -The flag name can be either -.Ql hidenwid -or -.Ql nobridge . +The flag name can be: +.Bl -tag -width tenletters +.It hidenwid The .Ql hidenwid flag will hide the network ID (ESSID) in beacon frames when operating in Host AP mode. It will also prevent responses to probe requests with an unspecified network ID. +.It nobridge The .Ql nobridge flag will disable the direct bridging of frames between associated nodes when operating in Host AP mode. Setting this flag will block and filter direct inter-station communications. +.It stayauth +The +.Ql stayauth +flag will cause the interface to ignore deauth frames. +This flag should only be used on wifi networks which are being +attacked with spoofed deauth frames. +It breaks interoperability with spectrum management solutions and access +points that perform band-steering of clients. +.El .Pp Note that the .Ql hidenwid -- cgit v1.2.3