aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2010-11-09 14:27:15 (GMT)
committerJouni Malinen <j@w1.fi>2010-11-09 14:27:15 (GMT)
commitd3b4286967697113ad9bc5e8e84effd16a978baf (patch)
treea3a5679a008b74f1ff00eddc78f2361818e379b6
parent5a5009dc925b19101aad099b9748ee8713375b76 (diff)
downloadhostap-d3b4286967697113ad9bc5e8e84effd16a978baf.zip
hostap-d3b4286967697113ad9bc5e8e84effd16a978baf.tar.gz
hostap-d3b4286967697113ad9bc5e8e84effd16a978baf.tar.bz2
Allow client isolation to be configured (ap_isolate=1)
Client isolation can be used to prevent low-level bridging of frames between associated stations in the BSS. By default, this bridging is allowed.
-rw-r--r--hostapd/config_file.c2
-rw-r--r--hostapd/hostapd.conf4
-rw-r--r--src/ap/ap_config.h1
-rw-r--r--src/ap/ap_drv_ops.c15
4 files changed, 22 insertions, 0 deletions
diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index c2083f6..36b75e5 100644
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1282,6 +1282,8 @@ struct hostapd_config * hostapd_config_read(const char *fname)
}
} else if (os_strcmp(buf, "wds_sta") == 0) {
bss->wds_sta = atoi(pos);
+ } else if (os_strcmp(buf, "ap_isolate") == 0) {
+ bss->isolate = atoi(pos);
} else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
bss->ap_max_inactivity = atoi(pos);
} else if (os_strcmp(buf, "country_code") == 0) {
diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index afeb206..fe97ea8 100644
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -357,6 +357,10 @@ wmm_ac_vo_acm=0
# use a separate bridge.
#wds_bridge=wds-br0
+# Client isolation can be used to prevent low-level bridging of frames between
+# associated stations in the BSS. By default, this bridging is allowed.
+#ap_isolate=1
+
##### IEEE 802.11n related configuration ######################################
# ieee80211n: Whether IEEE 802.11n (HT) is enabled
diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index be2e334..a95ebe9 100644
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -199,6 +199,7 @@ struct hostapd_bss_config {
struct mac_acl_entry *deny_mac;
int num_deny_mac;
int wds_sta;
+ int isolate;
int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */
diff --git a/src/ap/ap_drv_ops.c b/src/ap/ap_drv_ops.c
index 001c4c7..0ac5289 100644
--- a/src/ap/ap_drv_ops.c
+++ b/src/ap/ap_drv_ops.c
@@ -281,6 +281,14 @@ static int hostapd_set_radius_acl_expire(struct hostapd_data *hapd,
}
+static int hostapd_set_ap_isolate(struct hostapd_data *hapd, int value)
+{
+ if (hapd->driver == NULL || hapd->driver->set_intra_bss == NULL)
+ return 0;
+ return hapd->driver->set_intra_bss(hapd->drv_priv, !value);
+}
+
+
static int hostapd_set_bss_params(struct hostapd_data *hapd,
int use_protection)
{
@@ -331,6 +339,13 @@ static int hostapd_set_bss_params(struct hostapd_data *hapd,
ret = -1;
}
+ if (hostapd_set_ap_isolate(hapd, hapd->conf->isolate) &&
+ hapd->conf->isolate) {
+ wpa_printf(MSG_ERROR, "Could not enable AP isolation in "
+ "kernel driver");
+ ret = -1;
+ }
+
return ret;
}