hostapd: make the snooping interface (for proxyarp) configurable
authorFelix Fietkau <nbd@nbd.name>
Tue, 27 Jul 2021 18:28:58 +0000 (20:28 +0200)
committerFelix Fietkau <nbd@nbd.name>
Tue, 23 Nov 2021 17:30:04 +0000 (18:30 +0100)
Use the VLAN interface instead of the bridge, to ensure that hostapd receives
untagged DHCP packets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 7b46377a0cd9d809a3c340358121de77f005d4cc)
(cherry-picked from commit f1b98fa4fa8a86a9daf2a7177235f28cbd7c53ef)

package/network/services/hostapd/files/hostapd.sh
package/network/services/hostapd/patches/740-snoop_iface.patch [new file with mode: 0644]

index 40c6d9b851e35ef098ea836eafca0c3f80006737..d29bc13ccc3151e6ce2ad6db6515722ab4583703 100644 (file)
@@ -730,6 +730,7 @@ hostapd_set_bss_options() {
 
        append bss_conf "ssid=$ssid" "$N"
        [ -n "$network_bridge" ] && append bss_conf "bridge=$network_bridge" "$N"
+       [ -n "$network_ifname" ] && append bss_conf "snoop_iface=$network_ifname" "$N"
        [ -n "$iapp_interface" ] && {
                local ifname
                network_get_device ifname "$iapp_interface" || ifname="$iapp_interface"
diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch
new file mode 100644 (file)
index 0000000..722d1e7
--- /dev/null
@@ -0,0 +1,37 @@
+--- a/src/ap/ap_config.h
++++ b/src/ap/ap_config.h
+@@ -278,6 +278,7 @@ struct hostapd_bss_config {
+       char iface[IFNAMSIZ + 1];
+       char bridge[IFNAMSIZ + 1];
+       char ft_iface[IFNAMSIZ + 1];
++      char snoop_iface[IFNAMSIZ + 1];
+       char vlan_bridge[IFNAMSIZ + 1];
+       char wds_bridge[IFNAMSIZ + 1];
+--- a/src/ap/x_snoop.c
++++ b/src/ap/x_snoop.c
+@@ -71,8 +71,12 @@ x_snoop_get_l2_packet(struct hostapd_dat
+ {
+       struct hostapd_bss_config *conf = hapd->conf;
+       struct l2_packet_data *l2;
++      const char *ifname = conf->bridge;
+-      l2 = l2_packet_init(conf->bridge, NULL, ETH_P_ALL, handler, hapd, 1);
++      if (conf->snoop_iface[0])
++              ifname = conf->snoop_iface;
++
++      l2 = l2_packet_init(ifname, NULL, ETH_P_ALL, handler, hapd, 1);
+       if (l2 == NULL) {
+               wpa_printf(MSG_DEBUG,
+                          "x_snoop: Failed to initialize L2 packet processing %s",
+--- a/hostapd/config_file.c
++++ b/hostapd/config_file.c
+@@ -2357,6 +2357,8 @@ static int hostapd_config_fill(struct ho
+                          sizeof(conf->bss[0]->iface));
+       } else if (os_strcmp(buf, "bridge") == 0) {
+               os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
++      } else if (os_strcmp(buf, "snoop_iface") == 0) {
++              os_strlcpy(bss->snoop_iface, pos, sizeof(bss->snoop_iface));
+       } else if (os_strcmp(buf, "vlan_bridge") == 0) {
+               os_strlcpy(bss->vlan_bridge, pos, sizeof(bss->vlan_bridge));
+       } else if (os_strcmp(buf, "wds_bridge") == 0) {