Use MAC address acls with hostapd

Question

I am using hostapd to turn my pi into a wireless access point, I want to implement a blacklist to block certain device from connecting to the network.

I should be able to do this at a MAC address level by including the following lines in the hostapd.conf file - however when I include it the configuration file won't build correctly and the pi no longer acts as an AP.

macaddr_acl=0
deny_mac_file=/etc/hostapd/hostapd.deny

Any guidance as to why this is causing the .conf file to break, or an alternative way to block hosts from connecting to the AP would be much appreciated.

Suggestion: stop the hostapd service if it's running, then launch it manually in command line like this: hostapd -d /etc/hostapd/hostapd.conf (making sure the path to the configuration file is correct). Then update your question with the output and error messages if any. — Kate, Jan 08 '20 at 20:59
I want to implement a blacklist to block certain device... I am confused about the effectiveness of blocking device by MAC address because it is very easy to spoof that of an existing or known client, for an attacker. Is it for security improvement? so don't waste your time. — Ephemeral, Jan 08 '20 at 21:42
As @Ephemeral said, if you follow this post, would be better. In this way, you don't need to config the hostapd. — M. Rostami, Jan 08 '20 at 22:44
@Anonymous That command provided me with some further error logs that helped me solve the issue - Thanks. The config is now as follows ieee80211n=0 maccaddr_acl=0 deny_mac_file=/etc/hostapd/hostapd.deny and I have added data to the deny file, as it looked to be a empty file causing some of the issues — Jacob Renouf, Jan 09 '20 at 11:18
Please make an answer about the solution and accept it after two days. Only accepting an answer will finish the question and it will not pop up again and again for years (and for nothing, annoying users who try to help). — Ingo, Jan 10 '20 at 08:14

Use MAC address acls with hostapd

0 Answers0