diff options
Diffstat (limited to 'package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch')
-rw-r--r-- | package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch b/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch new file mode 100644 index 0000000000..3fc80a01d7 --- /dev/null +++ b/package/network/services/hostapd/patches/000-0001-Reduce-undesired-logging-of-ACL-rejection.patch @@ -0,0 +1,39 @@ +From 6588f712220797c69dbd019daa19b82a50d92782 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <j@w1.fi> +Date: Sun, 14 Oct 2018 19:57:22 +0300 +Subject: Reduce undesired logging of ACL rejection events from AP mode + +When Probe Request frame handling was extended to use MAC ACL through +ieee802_11_allowed_address(), the MSG_INFO level log print ("Station +<addr> not allowed to authenticate") from that function ended up getting +printed even for Probe Request frames. That was not by design and it can +result in excessive logging and MSG_INFO level if MAC ACL is used. + +Fix this by printing this log entry only for authentication and +association frames. In addition, drop the priority of that log entry to +MSG_DEBUG since this is not really an unexpected behavior in most MAC +ACL use cases. + +Fixes: 92eb00aec2a0 ("Extend ACL check for Probe Request frames") +Signed-off-by: Jouni Malinen <j@w1.fi> +--- + src/ap/ieee802_11.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -1636,9 +1636,11 @@ ieee802_11_allowed_address(struct hostap + is_probe_req); + + if (res == HOSTAPD_ACL_REJECT) { +- wpa_printf(MSG_INFO, +- "Station " MACSTR " not allowed to authenticate", +- MAC2STR(addr)); ++ if (!is_probe_req) ++ wpa_printf(MSG_DEBUG, ++ "Station " MACSTR ++ " not allowed to authenticate", ++ MAC2STR(addr)); + return HOSTAPD_ACL_REJECT; + } + |