Allow client isolation to be configured (ap_isolate=1)

Client isolation can be used to prevent low-level bridging of frames
between associated stations in the BSS. By default, this bridging is
allowed.
This commit is contained in:
Felix Fietkau 2010-11-09 16:27:15 +02:00 committed by Jouni Malinen
parent 5a5009dc92
commit d3b4286967
4 changed files with 22 additions and 0 deletions

View file

@ -1282,6 +1282,8 @@ struct hostapd_config * hostapd_config_read(const char *fname)
}
} else if (os_strcmp(buf, "wds_sta") == 0) {
bss->wds_sta = atoi(pos);
} else if (os_strcmp(buf, "ap_isolate") == 0) {
bss->isolate = atoi(pos);
} else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
bss->ap_max_inactivity = atoi(pos);
} else if (os_strcmp(buf, "country_code") == 0) {

View file

@ -357,6 +357,10 @@ wmm_ac_vo_acm=0
# use a separate bridge.
#wds_bridge=wds-br0
# Client isolation can be used to prevent low-level bridging of frames between
# associated stations in the BSS. By default, this bridging is allowed.
#ap_isolate=1
##### IEEE 802.11n related configuration ######################################
# ieee80211n: Whether IEEE 802.11n (HT) is enabled

View file

@ -199,6 +199,7 @@ struct hostapd_bss_config {
struct mac_acl_entry *deny_mac;
int num_deny_mac;
int wds_sta;
int isolate;
int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */

View file

@ -281,6 +281,14 @@ static int hostapd_set_radius_acl_expire(struct hostapd_data *hapd,
}
static int hostapd_set_ap_isolate(struct hostapd_data *hapd, int value)
{
if (hapd->driver == NULL || hapd->driver->set_intra_bss == NULL)
return 0;
return hapd->driver->set_intra_bss(hapd->drv_priv, !value);
}
static int hostapd_set_bss_params(struct hostapd_data *hapd,
int use_protection)
{
@ -331,6 +339,13 @@ static int hostapd_set_bss_params(struct hostapd_data *hapd,
ret = -1;
}
if (hostapd_set_ap_isolate(hapd, hapd->conf->isolate) &&
hapd->conf->isolate) {
wpa_printf(MSG_ERROR, "Could not enable AP isolation in "
"kernel driver");
ret = -1;
}
return ret;
}