Hi Jouni, I have managed to solve my problem. I was working with hostapd v2.1 which does not have such a feature. After looking at the code in hostapd v2.5, I've noticed after that adding "-" before a mac entry in the deny file and then issuing the "SET deny_mac_file" command, the entries actually do get removed from the acl table. On Sun, Nov 29, 2015 at 11:20 AM, Jouni Malinen <j@xxxxx> wrote: > On Sun, Nov 22, 2015 at 09:50:15PM +0200, Eli Balta wrote: >> I need to be able to dynamically add and remove hosts from the mac >> filter list depending on various events. >> What I'm doing right now is: >> 1) add/remove mac entry in /etc/hostapd.deny >> 2) send "SET deny_mac_file /etc/hostapd.deny" to the ctrl iface at >> /var/run/hostapd/... >> >> The problem: >> This works only for adding entries to the list, if I remove an entry >> and send the "SET deny_mac_file /etc/hostapd.deny" command, it >> succeeds, but the STA is still denied authentication whenever it tries >> to connect. >> >> Is there any way to solve this problem without having to make >> modifications to the code? > > If you do not want to stop and restart the BSS to do this, then probably > not. There was a recent patch to add a new control interface command for > adding MAC ACL entries and something similar would likely need to be > added to remove MAC ACL entries to cover the case you describe here. > > -- > Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap