This script creates a 3 port Linux bridge allowing 802.1x authentication to be offloaded from one device (ie router) to a separate device (the bridge).
Note: This script was written for use on Void Linux.
- Modify 802-1x_att.sh variables
- replace all lines in rc.local with path to script
- Disable ipv6 via kernel flag ipv6.disable=1
- Disable dhcpcd, sshd, and ntpd services
- Recommended install?
- Install to
/opt/attwith certs and wpa_suppicant.conf placed in a subfolder.
- Install to
- Does the bridge handle MAC Spoofing?
- No, devices placed behind the bridge still require MAC spoofing.
- Why 3 ports?
- Three ports enables easy swapping between active-passive devices using the same MAC address.
- Why disable ssh?
- The bridge device will not receive an IP address and basically acts completely transparent. The idea is to setup the bridge and never touch it.
- Can I add additional lines to rc.conf?
- Technically yes however be careful not to add commands that conflict with the script.