diff options
| author | Jo-Philipp Wich <jo@mein.io> | 2018-10-16 12:11:20 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jo@mein.io> | 2018-10-16 12:11:20 +0200 |
| commit | 3e633bb3709611d79965fab667e3239fd3bde151 (patch) | |
| tree | abd1086886fdd4a1b8a692abf1e65d91813c69bf /package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch | |
| parent | 583466bb5b374b29b6b7cba6f065e97c4734f742 (diff) | |
| download | upstream-3e633bb3709611d79965fab667e3239fd3bde151.tar.gz upstream-3e633bb3709611d79965fab667e3239fd3bde151.tar.bz2 upstream-3e633bb3709611d79965fab667e3239fd3bde151.zip | |
hostapd: fix MAC filter related log spam
Backport two upstream fixes to address overly verbose logging of MAC ACL
rejection messages.
Fixes: FS#1468
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch')
| -rw-r--r-- | package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch b/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch new file mode 100644 index 0000000000..3fc80a01d7 --- /dev/null +++ b/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch @@ -0,0 +1,39 @@ +From 6588f712220797c69dbd019daa19b82a50d92782 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <j@w1.fi> +Date: Sun, 14 Oct 2018 19:57:22 +0300 +Subject: Reduce undesired logging of ACL rejection events from AP mode + +When Probe Request frame handling was extended to use MAC ACL through +ieee802_11_allowed_address(), the MSG_INFO level log print ("Station +<addr> not allowed to authenticate") from that function ended up getting +printed even for Probe Request frames. That was not by design and it can +result in excessive logging and MSG_INFO level if MAC ACL is used. + +Fix this by printing this log entry only for authentication and +association frames. In addition, drop the priority of that log entry to +MSG_DEBUG since this is not really an unexpected behavior in most MAC +ACL use cases. + +Fixes: 92eb00aec2a0 ("Extend ACL check for Probe Request frames") +Signed-off-by: Jouni Malinen <j@w1.fi> +--- + src/ap/ieee802_11.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -1636,9 +1636,11 @@ ieee802_11_allowed_address(struct hostap + is_probe_req); + + if (res == HOSTAPD_ACL_REJECT) { +- wpa_printf(MSG_INFO, +- "Station " MACSTR " not allowed to authenticate", +- MAC2STR(addr)); ++ if (!is_probe_req) ++ wpa_printf(MSG_DEBUG, ++ "Station " MACSTR ++ " not allowed to authenticate", ++ MAC2STR(addr)); + return HOSTAPD_ACL_REJECT; + } + |