From db8b1922fcad7c4a5db72cc3822b757c63334bb9 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Mon, 26 Apr 2010 23:08:03 +0000
Subject: [PATCH] hostapd: add ap isolate support for mac80211

SVN-Revision: 21179
---
 package/hostapd/files/hostapd.sh              |   5 +
 .../hostapd/patches/001-nl80211_sync.patch    |  21 ++++
 package/hostapd/patches/380-ap_isolate.patch  | 108 ++++++++++++++++++
 3 files changed, 134 insertions(+)
 create mode 100644 package/hostapd/patches/001-nl80211_sync.patch
 create mode 100644 package/hostapd/patches/380-ap_isolate.patch

diff --git a/package/hostapd/files/hostapd.sh b/package/hostapd/files/hostapd.sh
index 9dc18366d9..a41c7678a7 100644
--- a/package/hostapd/files/hostapd.sh
+++ b/package/hostapd/files/hostapd.sh
@@ -5,6 +5,11 @@ hostapd_set_bss_options() {
 
 	config_get enc "$vif" encryption
 	config_get wpa_group_rekey "$vif" wpa_group_rekey
+	config_get_bool ap_isolate "$vif" isolate 0
+
+	if [ "$ap_isolate" -gt 0 ]; then
+		append "$var" "ap_isolate=$ap_isolate" "$N"
+	fi
 
 	# Examples:
 	# psk-mixed/tkip 	=> WPA1+2 PSK, TKIP
diff --git a/package/hostapd/patches/001-nl80211_sync.patch b/package/hostapd/patches/001-nl80211_sync.patch
new file mode 100644
index 0000000000..a9310c7044
--- /dev/null
+++ b/package/hostapd/patches/001-nl80211_sync.patch
@@ -0,0 +1,21 @@
+--- a/src/drivers/nl80211_copy.h
++++ b/src/drivers/nl80211_copy.h
+@@ -709,6 +709,9 @@ enum nl80211_commands {
+  *	NL80211_CMD_AUTHENTICATE, NL80211_CMD_DEAUTHENTICATE,
+  *	NL80211_CMD_DISASSOCIATE.
+  *
++ * @NL80211_ATTR_AP_ISOLATE: (AP mode) Do not forward traffic between stations
++ *	connected to this BSS.
++ *
+  * @NL80211_ATTR_MAX: highest attribute number currently defined
+  * @__NL80211_ATTR_AFTER_LAST: internal use
+  */
+@@ -864,6 +867,8 @@ enum nl80211_attrs {
+ 
+ 	NL80211_ATTR_LOCAL_STATE_CHANGE,
+ 
++	NL80211_ATTR_AP_ISOLATE,
++
+ 	/* add attributes here, update the policy in nl80211.c */
+ 
+ 	__NL80211_ATTR_AFTER_LAST,
diff --git a/package/hostapd/patches/380-ap_isolate.patch b/package/hostapd/patches/380-ap_isolate.patch
new file mode 100644
index 0000000000..92ac6ded8f
--- /dev/null
+++ b/package/hostapd/patches/380-ap_isolate.patch
@@ -0,0 +1,108 @@
+--- a/hostapd/config_file.c
++++ b/hostapd/config_file.c
+@@ -1266,6 +1266,8 @@ struct hostapd_config * hostapd_config_r
+ 			}
+ 		} else if (os_strcmp(buf, "wds_sta") == 0) {
+ 			bss->wds_sta = atoi(pos);
++		} else if (os_strcmp(buf, "ap_isolate") == 0) {
++			bss->isolate = atoi(pos);
+ 		} else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
+ 			bss->ap_max_inactivity = atoi(pos);
+ 		} else if (os_strcmp(buf, "country_code") == 0) {
+--- a/src/ap/ap_config.h
++++ b/src/ap/ap_config.h
+@@ -199,6 +199,7 @@ struct hostapd_bss_config {
+ 	struct mac_acl_entry *deny_mac;
+ 	int num_deny_mac;
+ 	int wds_sta;
++	int isolate;
+ 
+ 	int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
+ 			* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */
+--- a/src/drivers/driver.h
++++ b/src/drivers/driver.h
+@@ -1626,6 +1626,14 @@ struct wpa_driver_ops {
+ 	                   const char *bridge_ifname);
+ 
+ 	/**
++	 * set_ap_isolate - Enable/disable AP isolation
++	 * @priv: private driver interface data
++	 * @val: 1 = enabled; 0 = disabled
++	 * Returns: 0 on success, -1 on failure
++	 */
++	int (*set_ap_isolate)(void *priv, int val);
++
++	/**
+ 	 * send_action - Transmit an Action frame
+ 	 * @priv: Private driver interface data
+ 	 * @freq: Frequency (in MHz) of the channel
+--- a/src/drivers/driver_nl80211.c
++++ b/src/drivers/driver_nl80211.c
+@@ -4263,6 +4263,29 @@ static int i802_set_rate_sets(void *priv
+ 	return -ENOBUFS;
+ }
+ 
++static int i802_set_ap_isolate(void *priv, int val)
++{
++	struct i802_bss *bss = priv;
++	struct wpa_driver_nl80211_data *drv = bss->drv;
++	struct nl_msg *msg;
++	int i;
++
++	msg = nlmsg_alloc();
++	if (!msg)
++		return -ENOMEM;
++
++	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
++		    NL80211_CMD_SET_BSS, 0);
++
++	NLA_PUT_U8(msg, NL80211_ATTR_AP_ISOLATE, !!val);
++
++	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(bss->ifname));
++
++	return send_and_recv_msgs(drv, msg, NULL, NULL);
++ nla_put_failure:
++	return -ENOBUFS;
++}
++
+ #endif /* HOSTAPD */
+ 
+ 
+@@ -5372,6 +5395,7 @@ const struct wpa_driver_ops wpa_driver_n
+ 	.set_tx_queue_params = i802_set_tx_queue_params,
+ 	.set_sta_vlan = i802_set_sta_vlan,
+ 	.set_wds_sta = i802_set_wds_sta,
++	.set_ap_isolate = i802_set_ap_isolate,
+ #endif /* HOSTAPD */
+ 	.set_freq = i802_set_freq,
+ 	.send_action = wpa_driver_nl80211_send_action,
+--- a/src/ap/ap_drv_ops.c
++++ b/src/ap/ap_drv_ops.c
+@@ -180,6 +180,14 @@ static int hostapd_set_radius_acl_expire
+ }
+ 
+ 
++static int hostapd_set_ap_isolate(struct hostapd_data *hapd, int value)
++{
++	if (hapd->driver == NULL || hapd->driver->set_ap_isolate == NULL)
++		return 0;
++	hapd->driver->set_ap_isolate(hapd->drv_priv, value);
++}
++
++
+ static int hostapd_set_bss_params(struct hostapd_data *hapd,
+ 				  int use_protection)
+ {
+@@ -229,6 +237,12 @@ static int hostapd_set_bss_params(struct
+ 			   "driver");
+ 		ret = -1;
+ 	}
++	if (hostapd_set_ap_isolate(hapd, hapd->conf->isolate) &&
++	    !hapd->conf->isolate) {
++		wpa_printf(MSG_ERROR, "Could not enable AP isolation in "
++			   "kernel driver");
++		ret = -1;
++	}
+ 
+ 	return ret;
+ }
-- 
GitLab