Date: Mon, 29 Jun 2009 10:58:32 +0000 (UTC) From: Rui Paulo <rpaulo@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r195154 - projects/mesh11s/sys/net80211 Message-ID: <200906291058.n5TAwWHw042751@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rpaulo Date: Mon Jun 29 10:58:32 2009 New Revision: 195154 URL: http://svn.freebsd.org/changeset/base/195154 Log: * do expensive peer ACL check on DEBUG. this makes it easier to test different network topologies * move the ACL check a bit below * statify Sponsored by: The FreeBSD Foundation Modified: projects/mesh11s/sys/net80211/ieee80211_mesh.c Modified: projects/mesh11s/sys/net80211/ieee80211_mesh.c ============================================================================== --- projects/mesh11s/sys/net80211/ieee80211_mesh.c Mon Jun 29 05:12:21 2009 (r195153) +++ projects/mesh11s/sys/net80211/ieee80211_mesh.c Mon Jun 29 10:58:32 2009 (r195154) @@ -446,6 +446,21 @@ mesh_input(struct ieee80211_node *ni, st if ((ic->ic_flags & IEEE80211_F_SCAN) == 0) { } +#ifdef IEEE80211_DEBUG + /* + * It's easier, but too expensive, to simulate different mesh + * topologies by consulting the ACL policy very early, so do this + * only under DEBUG. + * + * NB: this check is also done upon peering link initiation. + */ + if (vap->iv_acl != NULL && !vap->iv_acl->iac_check(vap, wh->i_addr2)) { + IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL, + wh, NULL, "%s", "disallowed by ACL"); + vap->iv_stats.is_rx_acl++; + return; + } +#endif switch (type) { case IEEE80211_FC0_TYPE_DATA: if (ni == vap->iv_bss) @@ -682,16 +697,6 @@ mesh_recv_mgmt(struct ieee80211_node *ni if (vap->iv_state != IEEE80211_S_RUN) return; /* - * Peer only based on the current ACL policy. - */ - if (vap->iv_acl != NULL && - !vap->iv_acl->iac_check(vap, wh->i_addr2)) { - IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL, - wh, NULL, "%s", "disallowed by ACL"); - vap->iv_stats.is_rx_acl++; - return; - } - /* * Ignore non-mesh STAs. */ if ((scan.capinfo & @@ -711,7 +716,16 @@ mesh_recv_mgmt(struct ieee80211_node *ni wh, "beacon", "%s", "not for our mesh"); return; } - + /* + * Peer only based on the current ACL policy. + */ + if (vap->iv_acl != NULL && + !vap->iv_acl->iac_check(vap, wh->i_addr2)) { + IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL, + wh, NULL, "%s", "disallowed by ACL"); + vap->iv_stats.is_rx_acl++; + return; + } /* * Do neighbor discovery. */ @@ -1461,8 +1475,7 @@ ieee80211_add_meshconf(uint8_t *frm, str { uint8_t neighs = 0; struct ieee80211_mesh_state *ms = vap->iv_mesh; - /* XXX not static, expensive, do as static+dynamic */ - struct ieee80211_meshconf_ie ie = { + static struct ieee80211_meshconf_ie ie = { .conf_ie = IEEE80211_ELEMID_MESHCONF, .conf_len = sizeof(struct ieee80211_meshconf_ie) - 2, .conf_ver = IEEE80211_MESHCONF_VERSION,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906291058.n5TAwWHw042751>