mac filter broken on TP-Link 1043ND v4
Username: Guido
Origin: https://bugs.openwrt.org/index.php?do=details&task_id=1699
Hello,
I’m using a TP-Link 1043ND v4 before the LEDE 18.x RC1 release the mac filter was working fine.
Now it seems some devices are not being able to be connected to wifi (points to the iphone 6) but other devices are able to connect properly.
my reproduction steps:
I followed this guide
https://wiki.openwrt.org/doc/recipes/routedap
of course I’m aware that the guide is a little bit outdated and in some configurations I shouldn’t use quotes.
after this I gave my wifi interface the following network address:
lan:
-
ip: 10.234.53.1 - 10.234.53.250
-
dns given out by dhcp: 6,10.234.53.34
wifi:
-
ip: 10.234.80.1 - 10.234.80.250
-
dns given out by dhcp: 6,10.234.53.34
-
then I went inside the luci ui to the wireless options:
-
I called my SSID: H1F1v3
-
then I selected “Hide ESSID” and WMM to.
-
then I went “Advanced options (tab)” and changed my country code to Netherlands and selected “Allow legacy 802.11b rates”.
-
then I went to the tab wireless security I used WPA2-PSK encryption with the following cipher: “Force TKIP and CCMP (AES)” with a key of 120 characters long.
-
I also checked the option “Enable key reinstallation (KRACK) countermeasures”
-
then I saved the configuration at this point all my devices were able to connect fine.
-
then I changed the mac filter and added all my devices, all devices would be able to connect but my iphone fails to connect.
my log showed this I suspect but I’m not to sure but is the mac filter also deauthing normal routers?, there are alot of unknown mac addresses in this list aswell:
(Note i’ve masked mac addresses, this rebind attack message is just a local ip on the domain name)
Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:09 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:11 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:15 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:16 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:16 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:16 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:16 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:21 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:21 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:22 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:22 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:22 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:22 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:22 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:23 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:27 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:27 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:27 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:28 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:28 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:28 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:28 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:28 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:29 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:33 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:34 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:35 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:39 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:40 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:45 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:46 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:47 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:49 2018 daemon.notice hostapd: Station 5e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station ba:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:52 2018 daemon.notice hostapd: Station ba:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station 3a:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station 62:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station 62:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station fe:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station fe:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station 1e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.notice hostapd: Station 1e:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:53 2018 daemon.warn dnsmasq[1741]: possible DNS-rebind attack detected: pfsense.0c3.eu Fri Jul 27 21:08:58 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate Fri Jul 27 21:08:58 2018 daemon.notice hostapd: Station b0:xx:xx:xx:xx:xx not allowed to authenticate