이 이상한 패킷은 무엇입니까? 알파인 리눅스에서 hostapd.
나는 AP를 구성하고 tcpdump를보고 있는데 다음과 같은 것들이있다.
<pi2b># tcpdump -epfi any not tcp or 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0'
22:31:25.676970 P 2c:fa:c4:9b:3a:3a (oui Unknown) ethertype Unknown (0x215a), length 902:
0x0000: 2367 8507 2bf2 a118 d6b0 95d0 635a c9dd #g..+.......cZ..
0x0010: a97e 4a48 5e75 931f 8add 0e58 1c61 52ac .~JH^u.....X.aR.
0x0020: 4724 53db 8058 b235 4118 49f6 1cac 83f1 G$S..X.5A.I.....
0x0030: 1a10 4c2c ee3d b765 c707 4d2f c8b7 ca17 ..L,.=.e..M/....
0x0040: ad14 87f8 1e83 0123 9410 937f 9059 e691 .......#.....Y..
0x0050: 3414 1bcf 2a52 0db4 2def 9d4f b131 8363 4...*R..-..O.1.c
0x0060: 1da7 ef38 2c8f e1f1 b62a 558f 857c 53e7 ...8,....*U..|S.
0x0070: 91cd 0229 d4db 155f 9097 5904 1d7e 12ed ...)..._..Y..~..
0x0080: 2554 c441 4273 db20 b25d 630b 5010 9b05 %T.ABs...]c.P...
0x0090: 1723 6ae8 1760 4e72 13e6 3b96 08f5 85ea .#j..`Nr..;.....
더 나아가,이 pkts 앞에는 HP 랩탑의 'ipx'트래픽이있었습니다.
# grep -E "802\.[23]|ethertype Unknown| [A-Z] " ~/tmp/odd.dump.txt
22:29:17.025687 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.38206 > upnp_mcast.1900: UDP, length 167
22:29:17.026113 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 934b4000.01:11:e6:67:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:29:18.027141 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.38206 > upnp_mcast.1900: UDP, length 167
22:29:18.027522 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 943a4000.01:11:e5:78:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:29:19.028632 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.38206 > upnp_mcast.1900: UDP, length 167
22:29:19.029001 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 946d4000.01:11:e5:45:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:29:20.030081 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.38206 > upnp_mcast.1900: UDP, length 167
22:29:20.030447 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 946f4000.01:11:e5:43:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:30:21.991948 M c8:94:bb:61:f5:0c (oui Unknown) ethertype IPv6 (0x86dd), length 72: fe80::ca94:bbff:fe61:f50c > ff02::2: ICMP6, router solicitation, length 16
22:30:21.992265 Out c8:94:bb:61:f5:0c (oui Unknown) 802.3, length 86: 00103aff.fe:80:00:00:00:00.0000 > c894bb61.f5:0c:86:dd:60:00.0000: ipx-#0 -30
22:30:28.482023 B a0:02:dc:de:f6:f6 (oui Unknown) ethertype IPv4 (0x0800), length 344: 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from a0:02:dc:de:f6:f6 (oui Unknown), length 300
22:30:28.482311 Out a0:02:dc:de:f6:f6 (oui Unknown) 802.3, length 358: 78170000.40:11:01:8f:00:00.0000 > a002dcde.f6:f6:08:00:45:00.0148: ipx-#148 65505
22:31:17.026677 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.37712 > upnp_mcast.1900: UDP, length 167
22:31:17.027056 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 978d4000.01:11:e2:25:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:31:18.028285 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.37712 > upnp_mcast.1900: UDP, length 167
22:31:18.028654 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 97a44000.01:11:e2:0e:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:31:19.029287 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.37712 > upnp_mcast.1900: UDP, length 167
22:31:19.029658 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 982a4000.01:11:e1:88:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:31:20.030593 M 70:77:81:6a:f8:9b (oui Unknown) ethertype IPv4 (0x0800), length 211: hp_wifi.37712 > upnp_mcast.1900: UDP, length 167
22:31:20.030957 Out 70:77:81:6a:f8:9b (oui Unknown) 802.3, length 225: 986e4000.01:11:e1:44:0a:18.0565 > 7077816a.f8:9b:08:00:45:00.00c3: ipx-#c3 24161
22:31:25.676970 P 2c:fa:c4:9b:3a:3a (oui Unknown) ethertype Unknown (0x215a), length 902:
22:31:25.677334 M 88:70:0a:ee:b6:f3 (oui Unknown) ethertype Unknown (0x60b7), length 390:
...snip...
22:31:27.488990 P 75:31:2a:e5:f2:51 (oui Unknown) ethertype Unknown (0xb188), length 390:
22:31:27.554032 P 77:ea:1e:20:37:57 (oui Unknown) ethertype Unknown (0xa417), length 902:
22:31:27.662749 M d5:00:70:38:78:9d (oui Unknown) 802.2, length 902: LLC, dsap Unknown (0x78) Group, ssap SNA (0x04) Response, ctrl 0x8461: Supervisory, Receiver Ready, rcv seq 66, Flags [Response], length 886
22:31:27.748992 M 79:e3:70:23:1b:2b (oui Unknown) ethertype Unknown (0x34ec), length 390:
22:31:43.592458 M 52:74:b6:8d:34:dd (oui Unknown) ethertype Unknown (0xb1eb), length 390:
22:31:43.710279 P a0:f3:8c:c4:d2:22 (oui Unknown) ethertype Unknown (0xc415), length 390:
내 hostapd.conf
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=2
interface=wlan0
ssid=******
channel=6
hw_mode=b
supported_rates=10 20 55 110 60 90 120 240 360 480 540
ignore_broadcast_ssid=0
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=**************
auth_algs=3
wpa_group_rekey=600
wpa_ptk_rekey=600
wpa_gmk_rekey=86400
country_code=IE
ieee80211d=1
macaddr_acl=0