Modify

Opened 4 years ago

Closed 3 years ago

#15259 closed enhancement (fixed)

Add 802.1x dynamic vlan support to hostapd

Reported by: BenFranske Owned by: developers
Priority: normal Milestone: Chaos Calmer 15.05
Component: packages Version: Trunk
Keywords: netifd, hostapd, 802.1x Cc: blogic, nbd

Description

hostapd supports receiving vlan information from a RADIUS server, I believe this may have even been turned on at one point see:
https://www.mail-archive.com/openwrt-devel@lists.openwrt.org/msg11536.html

Also see:
http://www.packetfence.org/news/2013/article/packetfence-now-supports-hostapd.html
http://www.radiusdesk.com/technical_discussions/dynamicvlan

For some reason this is not available in BB though. Specifically these options need to be supported in hostapd.sh (netifd.sh):
dynamic_vlan
vlan_file
vlan_tagged_interface

See http://dev.laptop.org/pub/firmware/libertas/thinfirm/hostapd.conf.sample for detailed information about these hostapd options.

In addition a default /etc/config/hostapd.vlan file should be created with the single line "* wlan0.#" and the default should then be "vlan_file=/etc/config/hostapd.vlan"

I have hacked some of this together myself and have this partially working with the wlan0.2 (for example) interface being created when a user logs on who RADIUS assigns to VLAN 2, though I don't have the tagged interface bridging working correctly. I do have a test environment for this standing by though and am happy to do some testing to make this work.

Attachments (2)

netifd.sh.patch (2.2 KB) - added by lars@… 3 years ago.
Better patch (support for all options available in hostapd)
netifd.sh.2.patch (2.2 KB) - added by lars@… 3 years ago.
Same patch, for r442115

Download all attachments as: .zip

Change History (8)

comment:1 Changed 4 years ago by BenFranske

There is a patch available at http://patchwork.openwrt.org/patch/4962/ which should support this. Note that I have encountered some problems in testing this patch though, see: https://forum.openwrt.org/viewtopic.php?id=49559

comment:2 Changed 4 years ago by BenFranske

I have resolved the problems I was having with this patch. The issue was resolved by rebooting the router after patching the file. The hostapd.sh file must have been cached somewhere and was not being re-read by bringing the wireless interface down and up. Once the router was rebooted the patch worked as expected. Please add this patch to the hostapd package to restore the dynamic vlan functionality!

comment:3 Changed 4 years ago by anonymous

Is it fixed in BB r40572 or i still have to use this patch?

comment:4 Changed 4 years ago by BenFranske

No, it is a patch to the hostapd configuration not netifd. To complicate things, in the source tree the file being patched is netifd.sh <https://dev.openwrt.org/browser/trunk/package/network/services/hostapd/files/netifd.sh> but on a built system witht eh hostapd package installed the file is /lib/netifd/hostapd.sh

Changed 3 years ago by lars@…

Better patch (support for all options available in hostapd)

Changed 3 years ago by lars@…

Same patch, for r442115

comment:5 Changed 3 years ago by BenFranske

FYI Even though the Milestone for this is set to CC I believe the patch was included in the BB release.

comment:6 Changed 3 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.