linux bridge transparent 802.1x

Finally, a standard Linux 3.2 bridge can forward 802.1x messages!

Finally, a feature to make Linux bridge transparent to 802.1x EAP messages is in the official 3.2 kernel! No more manual kernel patching or messing with openswitch. This feature is mostly useful for pentesting 802.1x-protected networks.

To force a bridge forward 802.1x EAP messages all you needs to do is to set the 4th least-significant-bit in a special sysfs file, something like this:

echo 8 > /sys/class/net/brXXX/bridge/group_fwd_mask

I haven't tried myself yet, but can confirm the sysfs file is there on my Ubuntu 12.04.

Subscribe to RSS - linux bridge transparent 802.1x