On Sun, Jun 04, 2006 at 08:12:09PM -0400, Jason Lunz wrote: > Don't swamp syslog with > CCMP: decrypt failed: STA=00:12:17:3a:e2:c7 > and > CCMP: replay detected: STA=00:12:17:3a:e2:c7 previous PN 000000000004 > received PN 000000000004 > messages. > > These both seem to be completely normal in regular use, especially > 'decrypt failed' whenever another wpa-using station on the same AP is > within range.
These are not normal, i.e., they should not really show up unless something goes wrong. In many cases, this may be caused by something missing in local filtering (e.g., retry duplicates are not filtered out correctly or messages to incorrect addresses are allowed through, etc.). In other cases, it can indicate incorrect implementation of rekeying or some other bugs in either end of the connection. Anyway, I don't have anything against removing the messages in default kernel builds. If there is a suitable build time debug option, that might be nicer way of doing this, though, since these can provide valuable information when figuring out why something does not work. -- Jouni Malinen PGP id EFC895FA - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html