d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add list mac and mac:kick support

Browse Source 
Submitted by:	Michal Mertl (original version)
MFC after:	2 weeks
This commit is contained in:
sam 2005-08-13 17:38:09 +00:00
parent 8449b25a22
commit 4cfaf1334b
2 changed files with 98 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
sbin/ifconfig/ifconfig.8
View File

@ -728,9 +728,17 @@ modes supported.
Display the list of channels available for use. Display the list of channels available for use.
.Dq Li list freq .Dq Li list freq
is another way of requesting this information. is another way of requesting this information.
.\" not yet implemented .It Cm list Cm mac
.\".It Cm list Cm mac Display the current MAC Access Control List state.
.\"Display the current MAC Access Control List state. Each address is prefixed with a character that indicates the
current policy applied to it:
.Dq Li +
indicates the address is allowed access,
.Dq Li -
indicates the address is denied access,
.Dq Li *
indicates the address is present but the current policy open
(so the acl is not consulted).
.It Cm list Cm scan .It Cm list Cm scan
Display the access points and/or ad-hoc neighbors Display the access points and/or ad-hoc neighbors
located in the vicinity. located in the vicinity.
@ -1038,11 +1046,10 @@ Delete the specified MAC address from the database.
.It Cm mac:deny .It Cm mac:deny
Set the ACL policy to deny association only by Set the ACL policy to deny association only by
stations registered in the database. stations registered in the database.
.\" XXX not yet implemented .It Cm mac:kick
.\".It Cm mac:kick Force the specified station to be deauthenticated.
.\"Force the specified station to be deauthenticated. This typically is done to block a station after updating the
.\"This typically is done to block a station after updating the address database.
.\"address database.
.It Cm mac:open .It Cm mac:open
Set the ACL policy to allow all stations to associate. Set the ACL policy to allow all stations to associate.
.It Cm mac:flush .It Cm mac:flush

85
sbin/ifconfig/ifieee80211.c
View File

@ -623,6 +623,30 @@ DECL_CMD_FUNC(set80211delmac, val, d)
set80211macmac(s, IEEE80211_IOC_DELMAC, val); set80211macmac(s, IEEE80211_IOC_DELMAC, val);
} }
static
DECL_CMD_FUNC(set80211kickmac, val, d)
{
char *temp;
struct sockaddr_dl sdl;
struct ieee80211req_mlme mlme;
temp = malloc(strlen(val) + 1);
if (temp == NULL)
errx(1, "malloc failed");
temp[0] = ':';
strcpy(temp + 1, val);
sdl.sdl_len = sizeof(sdl);
link_addr(temp, &sdl);
free(temp);
if (sdl.sdl_alen != IEEE80211_ADDR_LEN)
errx(1, "malformed link-level address");
memset(&mlme, 0, sizeof(mlme));
mlme.im_op = IEEE80211_MLME_DEAUTH;
mlme.im_reason = IEEE80211_REASON_AUTH_EXPIRE;
memcpy(mlme.im_macaddr, LLADDR(&sdl), IEEE80211_ADDR_LEN);
set80211(s, IEEE80211_IOC_MLME, 0, sizeof(mlme), (u_int8_t *) &mlme);
}
static static
DECL_CMD_FUNC(set80211maccmd, val, d) DECL_CMD_FUNC(set80211maccmd, val, d)
{ {
@ -1110,6 +1134,63 @@ again:
} }
} }
static void
list_mac(int s)
{
struct ieee80211req ireq;
struct ieee80211req_maclist *acllist;
int i, nacls, policy;
char c;
(void) memset(&ireq, 0, sizeof(ireq));
(void) strncpy(ireq.i_name, name, sizeof(ireq.i_name)); /* XXX ?? */
ireq.i_type = IEEE80211_IOC_MACCMD;
ireq.i_val = IEEE80211_MACCMD_POLICY;
if (ioctl(s, SIOCG80211, &ireq) < 0) {
if (errno == EINVAL) {
printf("No acl policy loaded\n");
return;
}
err(1, "unable to get mac policy");
}
policy = ireq.i_val;
ireq.i_val = IEEE80211_MACCMD_LIST;
ireq.i_len = 0;
if (ioctl(s, SIOCG80211, &ireq) < 0)
err(1, "unable to get mac acl list size");
if (ireq.i_len == 0) /* NB: no acls */
return;
ireq.i_data = malloc(ireq.i_len);
if (ireq.i_data == NULL)
err(1, "out of memory for acl list");
if (ioctl(s, SIOCG80211, &ireq) < 0)
err(1, "unable to get mac acl list");
if (policy == IEEE80211_MACCMD_POLICY_OPEN) {
if (verbose)
printf("policy: open\n");
c = '*';
} else if (policy == IEEE80211_MACCMD_POLICY_ALLOW) {
if (verbose)
printf("policy: allow\n");
c = '+';
} else if (policy == IEEE80211_MACCMD_POLICY_DENY) {
if (verbose)
printf("policy: deny\n");
c = '-';
} else {
printf("policy: unknown (%u)\n", policy);
c = '?';
}
nacls = ireq.i_len / sizeof(*acllist);
acllist = (struct ieee80211req_maclist *) ireq.i_data;
for (i = 0; i < nacls; i++)
printf("%c%s\n", c, ether_ntoa(
(const struct ether_addr *) acllist[i].ml_macaddr));
}
static static
DECL_CMD_FUNC(set80211list, arg, d) DECL_CMD_FUNC(set80211list, arg, d)
{ {
@ -1129,6 +1210,8 @@ DECL_CMD_FUNC(set80211list, arg, d)
list_capabilities(s); list_capabilities(s);
else if (iseq(arg, "wme")) else if (iseq(arg, "wme"))
list_wme(s); list_wme(s);
else if (iseq(arg, "mac"))
list_mac(s);
else else
errx(1, "Don't know how to list %s for %s", arg, name); errx(1, "Don't know how to list %s for %s", arg, name);
#undef iseq #undef iseq
@ -1824,9 +1907,7 @@ static struct cmd ieee80211_cmds[] = {
DEF_CMD("mac:detach", IEEE80211_MACCMD_DETACH, set80211maccmd), DEF_CMD("mac:detach", IEEE80211_MACCMD_DETACH, set80211maccmd),
DEF_CMD_ARG("mac:add", set80211addmac), DEF_CMD_ARG("mac:add", set80211addmac),
DEF_CMD_ARG("mac:del", set80211delmac), DEF_CMD_ARG("mac:del", set80211delmac),
#if 0
DEF_CMD_ARG("mac:kick", set80211kickmac), DEF_CMD_ARG("mac:kick", set80211kickmac),
#endif
DEF_CMD("pureg", 1, set80211pureg), DEF_CMD("pureg", 1, set80211pureg),
DEF_CMD("-pureg", 0, set80211pureg), DEF_CMD("-pureg", 0, set80211pureg),
DEF_CMD_ARG("fragthreshold", set80211fragthreshold), DEF_CMD_ARG("fragthreshold", set80211fragthreshold),