Re: Updating deny acl mac list during runtime

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jouni,

I have managed to solve my problem.
I was working with hostapd v2.1 which does not have such a feature.
After looking at the code in hostapd v2.5, I've noticed after that
adding "-" before a mac entry in the deny file and then issuing the
"SET deny_mac_file" command, the entries actually do get removed from
the acl table.

On Sun, Nov 29, 2015 at 11:20 AM, Jouni Malinen <j@xxxxx> wrote:
> On Sun, Nov 22, 2015 at 09:50:15PM +0200, Eli Balta wrote:
>> I need to be able to dynamically add and remove hosts from the mac
>> filter list depending on various events.
>> What I'm doing right now is:
>> 1) add/remove mac entry in /etc/hostapd.deny
>> 2) send "SET deny_mac_file /etc/hostapd.deny" to the ctrl iface at
>> /var/run/hostapd/...
>>
>> The problem:
>> This works only for adding entries to the list, if I remove an entry
>> and send the "SET deny_mac_file /etc/hostapd.deny" command, it
>> succeeds, but the STA is still denied authentication whenever it tries
>> to connect.
>>
>> Is there any way to solve this problem without having to make
>> modifications to the code?
>
> If you do not want to stop and restart the BSS to do this, then probably
> not. There was a recent patch to add a new control interface command for
> adding MAC ACL entries and something similar would likely need to be
> added to remove MAC ACL entries to cover the case you describe here.
>
> --
> Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux