summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-08-23 20:20:23 +0200
committerGitHub <noreply@github.com>2023-08-23 20:20:23 +0200
commitdb67bc204e77fb2dd7d4a76672c63bc9bbfc07e1 (patch)
treeb7e61ea893f7ff0768abbdb8f02f7c7842b3a4c4 /interface-definitions
parentf25e1c9fa166c22d2a329ae435ae8be4f80985ef (diff)
parent35a46e4abfcece1beefb898ebd7fcb688fc55de5 (diff)
downloadvyos-1x-db67bc204e77fb2dd7d4a76672c63bc9bbfc07e1.tar.gz
vyos-1x-db67bc204e77fb2dd7d4a76672c63bc9bbfc07e1.zip
Merge pull request #2159 from c-po/t5491-wifi
wifi: T5491: allow white-/blacklisting station MAC addresses for security
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/interface/mac-multi.xml.i15
-rw-r--r--interface-definitions/interfaces-wireless.xml.in43
2 files changed, 58 insertions, 0 deletions
diff --git a/interface-definitions/include/interface/mac-multi.xml.i b/interface-definitions/include/interface/mac-multi.xml.i
new file mode 100644
index 000000000..458372e67
--- /dev/null
+++ b/interface-definitions/include/interface/mac-multi.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from interface/mac-multi.xml.i -->
+<leafNode name="mac">
+ <properties>
+ <help>Media Access Control (MAC) address</help>
+ <valueHelp>
+ <format>macaddr</format>
+ <description>Hardware (MAC) address</description>
+ </valueHelp>
+ <constraint>
+ <validator name="mac-address"/>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/interfaces-wireless.xml.in b/interface-definitions/interfaces-wireless.xml.in
index 421d46c6e..88b858c07 100644
--- a/interface-definitions/interfaces-wireless.xml.in
+++ b/interface-definitions/interfaces-wireless.xml.in
@@ -595,6 +595,49 @@
<help>Wireless security settings</help>
</properties>
<children>
+ <node name="station-address">
+ <properties>
+ <help>Station MAC address based authentication</help>
+ </properties>
+ <children>
+ <leafNode name="mode">
+ <properties>
+ <help>Select security operation mode</help>
+ <completionHelp>
+ <list>accept deny</list>
+ </completionHelp>
+ <valueHelp>
+ <format>accept</format>
+ <description>Accept all clients unless found in deny list</description>
+ </valueHelp>
+ <valueHelp>
+ <format>deny</format>
+ <description>Deny all clients unless found in accept list</description>
+ </valueHelp>
+ <constraint>
+ <regex>(accept|deny)</regex>
+ </constraint>
+ </properties>
+ <defaultValue>accept</defaultValue>
+ </leafNode>
+ <node name="accept">
+ <properties>
+ <help>Accept station MAC address</help>
+ </properties>
+ <children>
+ #include <include/interface/mac-multi.xml.i>
+ </children>
+ </node>
+ <node name="deny">
+ <properties>
+ <help>Deny station MAC address</help>
+ </properties>
+ <children>
+ #include <include/interface/mac-multi.xml.i>
+ </children>
+ </node>
+ </children>
+ </node>
<node name="wep">
<properties>
<help>Wired Equivalent Privacy (WEP) parameters</help>