diff --git a/bash_completion b/bash_completion index c5a341a..aae0bb2 100644 --- a/bash_completion +++ b/bash_completion @@ -1,4 +1,4 @@ -# +# # Bash Completion routine for create_ap # @@ -61,6 +61,12 @@ _create_ap() { --hidden) # No Options ;; + --mac-filter) + # No Options + ;; + --mac-filter-accept) + # No Options + ;; --ieee80211n) # No Options ;; diff --git a/create_ap b/create_ap index dce6660..a5f6155 100755 --- a/create_ap +++ b/create_ap @@ -42,6 +42,8 @@ usage() { echo " 'none' for no Internet sharing (equivalent to -n)" echo " --psk Use 64 hex digits pre-shared-key instead of passphrase" echo " --hidden Make the Access Point hidden (do not broadcast the SSID)" + echo " --mac-filter Enable MAC address filtering" + echo " --mac-filter-accept Location of MAC address filter list (defaults to /etc/hostapd/hostapd.accept)" echo " --redirect-to-localhost If -n is set, redirect every web request to localhost (useful for public information networks)" echo " --hostapd-debug With level between 1 and 2, passes arguments -d or -dd to hostapd for debugging." echo " --isolate-clients Disable communication between clients" @@ -600,6 +602,8 @@ ETC_HOSTS=0 DHCP_DNS=gateway NO_DNS=0 HIDDEN=0 +MAC_FILTER=0 +MAC_FILTER_ACCEPT=/etc/hostapd/hostapd.accept ISOLATE_CLIENTS=0 SHARE_METHOD=nat IEEE80211N=0 @@ -618,8 +622,8 @@ USE_PSK=0 HOSTAPD_DEBUG_ARGS= REDIRECT_TO_LOCALHOST=0 -CONFIG_OPTS=(CHANNEL GATEWAY WPA_VERSION ETC_HOSTS DHCP_DNS NO_DNS HIDDEN ISOLATE_CLIENTS SHARE_METHOD - IEEE80211N IEEE80211AC HT_CAPAB VHT_CAPAB DRIVER NO_VIRT COUNTRY FREQ_BAND +CONFIG_OPTS=(CHANNEL GATEWAY WPA_VERSION ETC_HOSTS DHCP_DNS NO_DNS HIDDEN MAC_FILTER MAC_FILTER_ACCEPT ISOLATE_CLIENTS + SHARE_METHOD IEEE80211N IEEE80211AC HT_CAPAB VHT_CAPAB DRIVER NO_VIRT COUNTRY FREQ_BAND NEW_MACADDR DAEMONIZE NO_HAVEGED WIFI_IFACE INTERNET_IFACE SSID PASSPHRASE USE_PSK) @@ -1012,7 +1016,7 @@ for ((i=0; i<$#; i++)); do fi done -GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","hostapd-debug:","redirect-to-localhost","isolate-clients","ieee80211n","ieee80211ac","ht_capab:","vht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","dhcp-dns:","daemon","stop:","list","list-running","list-clients:","version","psk","no-haveged","no-dns","mkconfig:","config:" -n "$PROGNAME" -- "$@") +GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","hostapd-debug:","redirect-to-localhost","mac-filter","mac-filter-accept:","isolate-clients","ieee80211n","ieee80211ac","ht_capab:","vht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","dhcp-dns:","daemon","stop:","list","list-running","list-clients:","version","psk","no-haveged","no-dns","mkconfig:","config:" -n "$PROGNAME" -- "$@") [[ $? -ne 0 ]] && exit 1 eval set -- "$GETOPT_ARGS" @@ -1030,6 +1034,15 @@ while :; do shift HIDDEN=1 ;; + --mac-filter) + shift + MAC_FILTER=1 + ;; + --mac-filter-accept) + shift + MAC_FILTER_ACCEPT="$1" + shift + ;; --isolate-clients) shift ISOLATE_CLIENTS=1 @@ -1551,6 +1564,8 @@ fi [[ $HIDDEN -eq 1 ]] && echo "Access Point's SSID is hidden!" +[[ $MAC_FILTER -eq 1 ]] && echo "MAC address filtering is enabled!" + [[ $ISOLATE_CLIENTS -eq 1 ]] && echo "Access Point's clients will be isolated!" # hostapd config @@ -1579,6 +1594,13 @@ else echo "hw_mode=a" >> $CONFDIR/hostapd.conf fi +if [[ $MAC_FILTER -eq 1 ]]; then + cat << EOF >> $CONFDIR/hostapd.conf +macaddr_acl=${MAC_FILTER} +accept_mac_file=${MAC_FILTER_ACCEPT} +EOF +fi + if [[ $IEEE80211N -eq 1 ]]; then cat << EOF >> $CONFDIR/hostapd.conf ieee80211n=1