Date: Sun, 28 Jun 2009 17:15:17 +0000 (UTC) From: Rui Paulo <rpaulo@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r195143 - projects/mesh11s/sys/net80211 Message-ID: <200906281715.n5SHFHOX017276@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rpaulo Date: Sun Jun 28 17:15:17 2009 New Revision: 195143 URL: http://svn.freebsd.org/changeset/base/195143 Log: Move the ACL check to a better place. Pointed out by: sam Sponsored by: The FreeBSD Foundation Modified: projects/mesh11s/sys/net80211/ieee80211_mesh.c Modified: projects/mesh11s/sys/net80211/ieee80211_mesh.c ============================================================================== --- projects/mesh11s/sys/net80211/ieee80211_mesh.c Sun Jun 28 17:04:37 2009 (r195142) +++ projects/mesh11s/sys/net80211/ieee80211_mesh.c Sun Jun 28 17:15:17 2009 (r195143) @@ -439,17 +439,6 @@ mesh_input(struct ieee80211_node *ni, st vap->iv_stats.is_rx_badversion++; goto err; } - - /* - * Consult the ACL policy module if setup. - */ - if (vap->iv_acl != NULL && !vap->iv_acl->iac_check(vap, wh->i_addr2)) { - IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL, - wh, NULL, "%s", "disallowed by ACL"); - vap->iv_stats.is_rx_acl++; - goto out; - } - dir = wh->i_fc[1] & IEEE80211_FC1_DIR_MASK; type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; @@ -692,6 +681,16 @@ mesh_recv_mgmt(struct ieee80211_node *ni if (vap->iv_state != IEEE80211_S_RUN) return; /* + * Peer only based on the current ACL policy. + */ + if (vap->iv_acl != NULL && + !vap->iv_acl->iac_check(vap, wh->i_addr2)) { + IEEE80211_DISCARD(vap, IEEE80211_MSG_ACL, + wh, NULL, "%s", "disallowed by ACL"); + vap->iv_stats.is_rx_acl++; + return; + } + /* * Ignore non-mesh STAs. */ if ((scan.capinfo &
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906281715.n5SHFHOX017276>