Blocking Access Point ports / Access Control List #2
Comments
|
Hi Guido, At present, we have just opened up the links between the various interfaces. static void wifi_event_handler(void* arg, esp_event_base_t event_base,
int32_t event_id, void* event_data)
{
if (event_id == WIFI_EVENT_AP_STACONNECTED) {
wifi_event_ap_staconnected_t* event = (wifi_event_ap_staconnected_t*) event_data;
ESP_LOGI(TAG, "station "MACSTR" join, AID=%d",
MAC2STR(event->mac), event->aid);
}
} |
|
Thank you for your answer. I will try it soon! I have another question. I've been looking for the feature of open and close ports for ESP32 AP Mode. What I mean is for e.g. If a user tries to load a web page, he tries to communicate the port 80; but, it happens i recently set the ESP32 to deny all the petition to this port and the user receives no information. All this example is based using the ESP32 as a Modem or a Wifi Repeater just like this project. Doing some research, I found out that lwip stack has an structure called netif. Netif has a function callback that receives input or output packets from an station to the ESP32 as an access point. Esp-gateway has this interface called esp_netif that results is the implementation of lwip's netif structure (I think). I was wondering if i'ts possible to add this callback function to the esp_netif structure or in which way I can implement this feature to this project. I'll really apreciate some guiddance about this. Again, thank you so much for the MAC Address idea. I hope I get an answer about this feature I want to implement. |
|
Hi Guido, A simpler method is to offset the received packet at the bottom layer, read the corresponding port value and filter the packet. This method is suitable for TCP packets. You can use the packet capture tool to view the structure type of the package. How to judge the frame type: by judging the type of the Ethernet packet header flow_control_msg_t msg = {
.packet = rcv_buffer,
.length = size_read
};
commu_buffer = msg.packet;
if (commu_buffer->eth_header_packet.type == PP_HTONS(0x0800)) {
}In addition, for the callback function you mentioned, I’m not sure if this is what you describe. |
|
Thank you so much @tswen. You've been very helpful. I'm already able to see the packet's port! |
|
Hi @tswen. I got a question about the way the PPP netif instance it's used. I was wondering if the order in which the PPP netif instance it's set before the AP netif instance. What I mean it's, what if in the MODEM mode of this gateway project I initialize first the AP netif instance and after that the PPP netif instance. There would be any problem? |
|
You can try it, it doesn't matter in theory |
|
Thank you @tswen. I've already tried and it works. One thing I've been noticed it's that sometimes when I run the project with the "optimization level" in "optimize for performance (O2)" in the Compiler options in the SDK config the synchronization step fails with the Sim Card. This doesn't happen when I put the optimization level in Debug (-Og). I'm using the Sim800L. I hope you can help me with this issue. |
Hi, I'm Guido.
I've been looking at this project and I really want to know if it's possible to add an access control list or restrict the connection ports when other devices connects to the ESP32 at AP MODE.
The text was updated successfully, but these errors were encountered: