diff --git a/firmware/0x00000.bin b/firmware/0x00000.bin
index 7f4a3e9..d8ca52e 100644
Binary files a/firmware/0x00000.bin and b/firmware/0x00000.bin differ
diff --git a/firmware/0x10000.bin b/firmware/0x10000.bin
index 7532e7a..b8fa866 100644
Binary files a/firmware/0x10000.bin and b/firmware/0x10000.bin differ
diff --git a/user/acl.c b/user/acl.c
deleted file mode 100644
index d4bcd49..0000000
--- a/user/acl.c
+++ /dev/null
@@ -1,310 +0,0 @@
-#include "c_types.h"
-#include "mem.h"
-#include "ets_sys.h"
-#include "osapi.h"
-#include "os_type.h"
-#include "lwip/ip.h"
-#include "lwip/udp.h"
-#include "lwip/tcp_impl.h"
-#include "netif/etharp.h"
-
-#include "user_interface.h"
-#include "string.h"
-
-#include "acl.h"
-
-acl_entry acl[MAX_NO_ACLS][MAX_ACL_ENTRIES];
-uint8_t acl_freep[MAX_NO_ACLS];
-uint32_t acl_allow_count;
-uint32_t acl_deny_count;
-static packet_deny_cb my_deny_cb;
-
-void ICACHE_FLASH_ATTR
-acl_init()
-{
-  int i;
-  acl_allow_count = acl_deny_count = 0;
-  my_deny_cb = NULL;
-  for(i=0; i< MAX_NO_ACLS; i++)
-  {
-    acl_freep[i] = 0;
-    acl_clear_stats(i);
-  }
-}
-
-bool ICACHE_FLASH_ATTR
-acl_is_empty(uint8_t acl_no)
-{
-  if (acl_no >= MAX_NO_ACLS)
-  {
-    return true;
-  }
-  return acl_freep[acl_no] == 0;
-}
-
-void ICACHE_FLASH_ATTR
-acl_clear(uint8_t acl_no)
-{
-  if (acl_no >= MAX_NO_ACLS)
-  {
-    return;
-  }
-  acl_freep[acl_no] = 0;
-  acl_clear_stats(acl_no);
-}
-
-void ICACHE_FLASH_ATTR
-acl_clear_stats(uint8_t acl_no)
-{
-  int i;
-
-  if (acl_no >= MAX_NO_ACLS)
-  {
-    return;
-  }
-  my_deny_cb = NULL;
-  for(i=0; i< MAX_ACL_ENTRIES; i++)
-  acl[acl_no][i].hit_count = 0;
-}
-
-bool ICACHE_FLASH_ATTR
-acl_add(uint8_t acl_no,
-        uint32_t src,
-        uint32_t s_mask,
-        uint32_t dest,
-        uint32_t d_mask,
-        uint8_t proto,
-        uint16_t s_port,
-        uint16_t d_port,
-        uint8_t allow)
-{
-  acl_entry *my_entry;
-
-  if (acl_no >= MAX_NO_ACLS || acl_freep[acl_no] >= MAX_ACL_ENTRIES)
-  {
-    return false;
-  }
-
-  my_entry = &acl[acl_no][acl_freep[acl_no]];
-  my_entry->src = src & s_mask;
-  my_entry->s_mask = s_mask;
-  my_entry->dest = dest & d_mask;
-  my_entry->d_mask = d_mask;
-  my_entry->proto = proto;
-  my_entry->s_port = s_port;
-  my_entry->d_port = d_port;
-  my_entry->allow = allow;
-  my_entry->hit_count = 0;
-
-  acl_freep[acl_no]++;
-  return true;
-}
-
-uint8_t ICACHE_FLASH_ATTR
-acl_check_packet(uint8_t acl_no, struct pbuf *p)
-{
-  struct eth_hdr *mac_h;
-  struct ip_hdr *ip_h;
-  uint8_t proto;
-  struct udp_hdr *udp_h;
-  struct tcp_hdr *tcp_h;
-  uint16_t src_port, dest_port;
-  uint8_t *packet;
-  int i;
-  acl_entry *my_entry;
-  uint8_t allow;
-
-  if (acl_no >= MAX_NO_ACLS)
-  {
-    return ACL_DENY;
-  }
-
-  if (p->len < sizeof(struct eth_hdr))
-  {
-    return ACL_DENY;
-  }
-
-  mac_h = (struct eth_hdr *)p->payload;
-
-  // Allow ARP
-  if (ntohs(mac_h->type) == ETHTYPE_ARP)
-  {
-    acl_allow_count++;
-    return ACL_ALLOW;
-  }
-
-  // Drop anything else if not IPv4
-  if (ntohs(mac_h->type) != ETHTYPE_IP)
-  {
-    acl_deny_count++;
-    return ACL_DENY;
-  }
-
-  if (p->len < sizeof(struct eth_hdr)+sizeof(struct ip_hdr))
-  {
-    acl_deny_count++;
-    return ACL_DENY;
-  }
-
-  allow = ACL_DENY;
-  packet = (uint8_t*)p->payload;
-  ip_h = (struct ip_hdr *)&packet[sizeof(struct eth_hdr)];
-  proto = IPH_PROTO(ip_h);
-
-  switch (proto) {
-    case IP_PROTO_UDP:
-    {
-      if (p->len < sizeof(struct eth_hdr)+sizeof(struct ip_hdr)+sizeof(struct udp_hdr))
-      {
-        return;
-      }
-      udp_h = (struct udp_hdr *)&packet[sizeof(struct eth_hdr)+sizeof(struct ip_hdr)];
-      src_port = ntohs(udp_h->src);
-      dest_port = ntohs(udp_h->dest);
-    } break;
-
-    case IP_PROTO_TCP:
-    {
-      if (p->len < sizeof(struct eth_hdr)+sizeof(struct ip_hdr)+sizeof(struct tcp_hdr))
-      {
-        return;
-      }
-      tcp_h = (struct tcp_hdr *)&packet[sizeof(struct eth_hdr)+sizeof(struct ip_hdr)];
-      src_port = ntohs(tcp_h->src);
-      dest_port = ntohs(tcp_h->dest);
-    } break;
-
-    case IP_PROTO_ICMP:
-    {
-      src_port = dest_port = 0;
-    } break;
-
-    // Drop anything that is not UDP, TCP, or ICMP
-    default:
-    {
-      acl_deny_count++;
-      return ACL_DENY;
-    } break;
-  }
-
-  //    os_printf("Src: %d.%d.%d.%d Dst: %d.%d.%d.%d Proto: %s SP:%d DP:%d\n",
-  //		IP2STR(&ip_h->src), IP2STR(&ip_h->dest),
-  //		proto==IP_PROTO_TCP?"TCP":proto==IP_PROTO_UDP?"UDP":"IP4", src_port, dest_port);
-
-  for(i=0; i<acl_freep[acl_no]; i++)
-  {
-    my_entry = &acl[acl_no][i];
-    if ((my_entry->proto == 0  || proto == my_entry->proto) &&
-        (my_entry->src == 0    || my_entry->src == (ip_h->src.addr&my_entry->s_mask)) &&
-        (my_entry->dest == 0   || my_entry->dest == (ip_h->dest.addr&my_entry->d_mask)) &&
-        (my_entry->s_port == 0 || my_entry->s_port == src_port) &&
-        (my_entry->d_port == 0 || my_entry->d_port == dest_port))
-    {
-      allow = my_entry->allow;
-      my_entry->hit_count++;
-      goto done;
-    }
-  }
-
-done:
-  if (!(allow & ACL_ALLOW) && my_deny_cb != NULL)
-  {
-    allow = my_deny_cb(proto, ip_h->src.addr, src_port,
-                       ip_h->dest.addr, dest_port, allow);
-  }
-  if (allow & ACL_ALLOW)
-  {
-    acl_allow_count++;
-  }
-  else
-  {
-    acl_deny_count++;
-  }
-
-  // os_printf(" allow: %d\r\n",  allow);
-  return allow;
-}
-
-void
-acl_set_deny_cb(packet_deny_cb cb)
-{
-  my_deny_cb = cb;
-}
-
-void ICACHE_FLASH_ATTR
-addr2str(uint8_t *buf, uint32_t addr, uint32_t mask)
-{
-  uint8_t clidr;
-
-  if (addr == 0)
-  {
-    os_sprintf(buf, "any");
-    return;
-  }
-
-  mask = ntohl(mask);
-  for (clidr = 0; mask; mask <<= 1,clidr++);
-  if (clidr < 32)
-  {
-    os_sprintf(buf, "%d.%d.%d.%d/%d", IP2STR((ip_addr_t*)&addr), clidr);
-  }
-  else
-  {
-    os_sprintf(buf, "%d.%d.%d.%d", IP2STR((ip_addr_t*)&addr));
-  }
-}
-
-void ICACHE_FLASH_ATTR
-port2str(uint8_t *buf, uint16_t port)
-{
-  if (port == 0)
-  {
-    os_sprintf(buf, "any");
-  }
-  else
-  {
-    os_sprintf(buf, "%d", port);
-  }
-}
-
-void ICACHE_FLASH_ATTR
-acl_show(uint8_t acl_no, uint8_t *buf)
-{
-  int i;
-  acl_entry *my_entry;
-  uint8_t line[80], addr1[21], addr2[21], port1[6], port2[6];
-
-  buf[0] = 0;
-
-  if (acl_no >= MAX_NO_ACLS)
-  {
-    return;
-  }
-
-  for(i = 0; i < acl_freep[acl_no]; i++)
-  {
-    my_entry = &acl[acl_no][i];
-    addr2str(addr1, my_entry->src, my_entry->s_mask);
-    port2str(port1, my_entry->s_port);
-    addr2str(addr2, my_entry->dest, my_entry->d_mask);
-    port2str(port2, my_entry->d_port);
-    if (my_entry->proto != 0)
-    {
-      os_sprintf(line, "%s %s:%s %s:%s %s%s (%d hits)\r\n",
-      my_entry->proto==IP_PROTO_TCP?"TCP":"UDP",
-      addr1, port1, addr2, port2,
-      (my_entry->allow & ACL_ALLOW)?"allow":"deny",
-      (my_entry->allow & ACL_MONITOR)?"_monitor":"",
-      my_entry->hit_count);
-    }
-    else
-    {
-      os_sprintf(line, "IP %s %s %s%s (%d hits)\r\n",
-      addr1, addr2,
-      (my_entry->allow & ACL_ALLOW)?"allow":"deny",
-      (my_entry->allow & ACL_MONITOR)?"_monitor":"",
-      my_entry->hit_count);
-    }
-    os_memcpy(&buf[os_strlen(buf)], line, os_strlen(line)+1);
-  }
-}
diff --git a/user/acl.h b/user/acl.h
deleted file mode 100644
index 59f8859..0000000
--- a/user/acl.h
+++ /dev/null
@@ -1,51 +0,0 @@
-#ifndef _ACL_H_
-#define _ACL_H_
-
-#include "lwip/ip.h"
-#include "lwip/pbuf.h"
-
-#define MAX_NO_ACLS 4
-#define MAX_ACL_ENTRIES 30
-
-#define ACL_DENY     0x0
-#define ACL_ALLOW    0x1
-#define ACL_MONITOR  0x2
-
-typedef struct _acl_entry
-{
-  uint32_t src;
-  uint32_t s_mask;
-  uint32_t dest;
-  uint32_t d_mask;
-  uint16_t s_port;
-  uint16_t d_port;
-  uint8_t proto;
-  uint8_t allow;
-  uint32_t hit_count;
-} acl_entry;
-
-extern acl_entry acl[MAX_NO_ACLS][MAX_ACL_ENTRIES];
-extern uint8_t acl_freep[MAX_NO_ACLS];
-extern uint32_t acl_allow_count;
-extern uint32_t acl_deny_count;
-
-typedef uint8_t (*packet_deny_cb)(uint8_t proto, uint32_t saddr, uint16_t s_port, uint32_t daddr, uint16_t d_port, uint8_t allow);
-
-void acl_init();
-bool acl_is_empty(uint8_t acl_no);
-void acl_clear(uint8_t acl_no);
-void acl_clear_stats(uint8_t acl_no);
-bool acl_add(uint8_t acl_no,
-             uint32_t src,
-             uint32_t s_mask,
-             uint32_t dest,
-             uint32_t d_mask,
-             uint8_t proto,
-             uint16_t s_port,
-             uint16_t d_port,
-             uint8_t allow);
-uint8_t acl_check_packet(uint8_t acl_no, struct pbuf *p);
-void acl_set_deny_cb(packet_deny_cb cb);
-void acl_show(uint8_t acl_no, uint8_t *buf);
-
-#endif /* _ACL_H_ */
diff --git a/user/config_flash.c b/user/config_flash.c
index 96152d4..0af7b51 100644
--- a/user/config_flash.c
+++ b/user/config_flash.c
@@ -45,9 +45,6 @@ config_load_default(sysconfig_p config)
   wifi_get_macaddr(STATION_IF, config->STA_MAC_address);
 
   config->dhcps_entries = 0;
-#ifdef ACLS
-  acl_init();	// initializes the ACLs, written in config during save
-#endif
 
   config->current_mac_address = 0;
   // Interval to change mac address in seconds
@@ -73,94 +70,6 @@ config_load_default(sysconfig_p config)
   ets_str2macaddr(config->mac_list[13], "4E:53:50:4F:4F:4D");
   ets_str2macaddr(config->mac_list[14], "4E:53:50:4F:4F:4E");
   ets_str2macaddr(config->mac_list[15], "4E:53:50:4F:4F:4F");
-
-  // Streetpass relay whitelist
-  uint32_t daddr;
-  uint32_t dmask;
-
-  // Clear all acl rules
-  acl_clear(0);
-  acl_clear(1);
-  acl_clear(2);
-  acl_clear(3);
-
-  // Whitelist broadcast to enable DHCP
-  parse_IP_addr("255.255.255.255", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  // Whitelist DNS
-  acl_add(0, 0, 0, 0, 0, IP_PROTO_UDP, 0, 53, ACL_ALLOW);
-
-  // Whitelist Streetpass relays
-  // acl from_sta IP any 52.43.174.40 allow
-  parse_IP_addr("52.43.174.40", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("104.70.153.178", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("104.74.48.110", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("23.7.18.146", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("23.7.24.35", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("52.11.210.152", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("52.25.179.65", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("52.89.56.205", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("54.148.137.96", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("54.218.98.74", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("54.218.99.79", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("54.244.22.201", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("69.25.139.140", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("192.195.204.216", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("52.10.249.207", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  // NOTE(m): New IP addresses found by Dal78
-  // NOTE(m): The list of Streetpass IP addresses may be dynamic :-/
-  parse_IP_addr("52.24.183.161", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("52.39.19.157", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("34.208.213.200", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("104.103.189.191", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("23.2.226.76", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  parse_IP_addr("35.167.248.201", &daddr, &dmask);
-  acl_add(0, 0, 0, daddr, dmask, 0, 0, 0, ACL_ALLOW);
-
-  // Default implementation denies everything not matched above.
-  // This last rule is not necessary and commented out to save memory space:
-  // acl_add(0, 0, 0, 0, 0, 0, 0, 0, ACL_DENY);
 }
 
 int
@@ -193,10 +102,7 @@ config_load(sysconfig_p config)
     config_save(config);
     return -1;
   }
-#ifdef ACLS
-  os_memcpy(&acl, &(config->acl), sizeof(acl));
-  os_memcpy(&acl_freep, &(config->acl_freep), sizeof(acl_freep));
-#endif
+
   return 0;
 }
 
@@ -204,10 +110,6 @@ void
 config_save(sysconfig_p config)
 {
   uint16_t base_address = FLASH_BLOCK_NO;
-#ifdef ACLS
-  os_memcpy(&(config->acl), &acl, sizeof(acl));
-  os_memcpy(&(config->acl_freep), &acl_freep, sizeof(acl_freep));
-#endif
   os_printf("Saving configuration\r\n");
   spi_flash_erase_sector(base_address);
   spi_flash_write(base_address * SPI_FLASH_SEC_SIZE,
diff --git a/user/config_flash.h b/user/config_flash.h
index bd920aa..7e31b55 100644
--- a/user/config_flash.h
+++ b/user/config_flash.h
@@ -11,7 +11,6 @@
 #include "lwip/app/dhcpserver.h"
 
 #include "user_config.h"
-#include "acl.h"
 
 #define FLASH_BLOCK_NO 0xc
 
@@ -60,10 +59,6 @@ typedef struct
 
   uint16_t dhcps_entries; // number of allocated entries in the following table
   struct dhcps_pool dhcps_p[MAX_DHCP]; // DHCP entries
-#ifdef ACLS
-  acl_entry acl[MAX_NO_ACLS][MAX_ACL_ENTRIES]; // ACL entries
-  uint8_t acl_freep[MAX_NO_ACLS]; // ACL free pointers
-#endif
 
   // HomePass mac list
   // Allow 20 slots
diff --git a/user/user_config.h b/user/user_config.h
index 19287e3..d58f160 100644
--- a/user/user_config.h
+++ b/user/user_config.h
@@ -27,11 +27,6 @@
 //
 #define PHY_MODE 1
 
-//
-// Define this if you want to have ACLs for the SoftAP.
-//
-#define ACLS 1
-
 // Internal
 typedef enum {SIG_DO_NOTHING=0, SIG_START_SERVER=1, SIG_SEND_DATA, SIG_UART0, SIG_CONSOLE_RX, SIG_CONSOLE_TX, SIG_CONSOLE_TX_RAW, SIG_GPIO_INT} USER_SIGNALS;
 
diff --git a/user/user_main.c b/user/user_main.c
index 89b5b09..ac563ce 100644
--- a/user/user_main.c
+++ b/user/user_main.c
@@ -23,10 +23,6 @@
 
 #include "easygpio.h"
 
-#ifdef ACLS
-#include "acl.h"
-#endif
-
 /* System Task, for signals refer to user_config.h */
 #define user_procTaskPrio 0
 #define user_procTaskQueueLen 1
@@ -83,24 +79,6 @@ my_input_ap(struct pbuf *p, struct netif *inp)
 
   client_watchdog_cnt = config.client_watchdog;
 
-#ifdef ACLS
-  // Check ACLs - store result
-  uint8_t acl_check = ACL_ALLOW;
-  if (!acl_is_empty(0))
-  {
-    acl_check = acl_check_packet(0, p);
-  }
-#endif
-
-#ifdef ACLS
-  // If not allowed, drop packet
-  if (!(acl_check&ACL_ALLOW))
-  {
-    pbuf_free(p);
-    return;
-  }
-#endif
-
   Bytes_in += p->tot_len;
   Packets_in++;
 
@@ -117,24 +95,6 @@ my_output_ap(struct netif *outp, struct pbuf *p)
     easygpio_outputSet (config.status_led, 0);
   }
 
-#ifdef ACLS
-  // Check ACLs - store result
-  uint8_t acl_check = ACL_ALLOW;
-  if (!acl_is_empty(1))
-  {
-    acl_check = acl_check_packet(1, p);
-  }
-#endif
-
-#ifdef ACLS
-  // If not allowed, drop packet
-  if (!(acl_check&ACL_ALLOW))
-  {
-    pbuf_free(p);
-    return;
-  }
-#endif
-
   Bytes_out += p->tot_len;
   Packets_out++;
 
@@ -145,26 +105,12 @@ err_t ICACHE_FLASH_ATTR
 my_input_sta(struct pbuf *p, struct netif *inp)
 {
   ap_watchdog_cnt = config.ap_watchdog;
-#ifdef ACLS
-  if (!acl_is_empty(2) && !(acl_check_packet(2, p) & ACL_ALLOW))
-  {
-    pbuf_free(p);
-    return;
-  }
-#endif
   orig_input_sta (p, inp);
 }
 
 err_t ICACHE_FLASH_ATTR
 my_output_sta(struct netif *outp, struct pbuf *p)
 {
-#ifdef ACLS
-  if (!acl_is_empty(3) && !(acl_check_packet(3, p) & ACL_ALLOW))
-  {
-    pbuf_free(p);
-    return;
-  }
-#endif
   orig_output_sta (outp, p);
 }
 
@@ -304,67 +250,6 @@ console_send_response(struct espconn *pespconn, uint8_t do_cmd)
   }
 }
 
-
-#ifdef ACLS
-void ICACHE_FLASH_ATTR
-parse_IP_addr(uint8_t *str, uint32_t *addr, uint32_t *mask)
-{
-  int i;
-  uint32_t net;
-  if (strcmp(str, "any") == 0)
-  {
-    *addr = 0;
-    *mask = 0;
-    return;
-  }
-
-  for(i=0; str[i]!=0 && str[i]!='/'; i++);
-
-  *mask = 0xffffffff;
-  if (str[i]!=0)
-  {
-    str[i]=0;
-    *mask <<= (32 - atoi(&str[i+1]));
-  }
-  *mask = htonl(*mask);
-  *addr = ipaddr_addr(str);
-}
-
-struct espconn *deny_cb_conn = 0;
-uint8_t acl_debug = 0;
-
-uint8_t
-acl_deny_cb(uint8_t proto,
-            uint32_t saddr,
-            uint16_t s_port,
-            uint32_t daddr,
-            uint16_t d_port,
-            uint8_t allow)
-{
-  char response[128];
-
-    if (!acl_debug)
-    {
-      return allow;
-    }
-
-    os_sprintf(response,
-               "\rdeny: %s Src: %d.%d.%d.%d:%d Dst: %d.%d.%d.%d:%d\r\n",
-               proto==IP_PROTO_TCP?"TCP":proto==IP_PROTO_UDP?"UDP":"IP4",
-               IP2STR((ip_addr_t *)&saddr),
-               s_port,
-               IP2STR((ip_addr_t *)&daddr),
-               d_port);
-
-    if (acl_debug)
-    {
-      to_console(response);
-      system_os_post(0, SIG_CONSOLE_TX, (ETSParam) deny_cb_conn);
-    }
-    return allow;
-}
-#endif /* ACLS */
-
 // Use this from ROM instead
 int ets_str2macaddr(uint8 *mac, char *str_mac);
 #define parse_mac ets_str2macaddr
@@ -431,10 +316,6 @@ console_handle_command(struct espconn *pespconn)
     to_console(response);
 #endif
 
-#ifdef ACLS
-    os_sprintf(response, "acl [from_sta|to_sta|from_ap|to_ap] clear\r\nacl [from_sta|to_sta|from_ap|to_ap] [IP|TCP|UDP] <src_addr> [<src_port>] <dest_addr> [<dest_port>] [allow|deny|allow_monitor|deny_monitor]\r\n");
-    to_console(response);
-#endif
     goto command_handled_2;
   }
 
@@ -579,144 +460,8 @@ console_handle_command(struct espconn *pespconn)
       }
       goto command_handled_2;
     }
-#ifdef ACLS
-    if (nTokens == 2 && strcmp(tokens[1], "acl") == 0)
-    {
-      char *txt[] = {"From STA:\r\n",
-                     "To STA:\r\n", "From AP:\r\n", "To AP:\r\n"};
-      for (i = 0; i<MAX_NO_ACLS; i++)
-      {
-        if (!acl_is_empty(i))
-        {
-          ringbuf_memcpy_into(console_tx_buffer, txt[i], os_strlen(txt[i]));
-          acl_show(i, response);
-          to_console(response);
-        }
-      }
-      os_sprintf(response, "Packets denied: %d Packets allowed: %d\r\n",
-                 acl_deny_count, acl_allow_count);
-      to_console(response);
-      goto command_handled_2;
-    }
-#endif
   }
 
-#ifdef ACLS
-  if (strcmp(tokens[0], "acl") == 0)
-  {
-    uint8_t acl_no;
-    uint8_t proto;
-    uint32_t saddr;
-    uint32_t smask;
-    uint16_t sport;
-    uint32_t daddr;
-    uint32_t dmask;
-    uint16_t dport;
-    uint8_t allow;
-    uint8_t last_arg;
-
-    if (nTokens < 3)
-    {
-      os_sprintf(response, INVALID_NUMARGS);
-      goto command_handled;
-    }
-
-    if (strcmp(tokens[1],"from_sta")==0)
-    {
-      acl_no = 0;
-    }
-    else if (strcmp(tokens[1],"to_sta")==0)
-    {
-      acl_no = 1;
-    }
-    else if (strcmp(tokens[1],"from_ap")==0)
-    {
-      acl_no = 2;
-    }
-    else if (strcmp(tokens[1],"to_ap")==0)
-    {
-      acl_no = 3;
-    }
-    else
-    {
-      os_sprintf(response, INVALID_ARG);
-      goto command_handled;
-    }
-
-    if (strcmp(tokens[2],"clear")==0)
-    {
-      acl_clear(acl_no);
-      os_sprintf(response, "ACL cleared\r\n");
-      goto command_handled;
-    }
-
-    last_arg = 7;
-    if (strcmp(tokens[2],"IP") == 0)
-    {
-      proto = 0;
-      last_arg = 5;
-    }
-    else if (strcmp(tokens[2],"TCP") == 0)
-    {
-      proto = IP_PROTO_TCP;
-    }
-    else if (strcmp(tokens[2],"UDP") == 0)
-    {
-      proto = IP_PROTO_UDP;
-    }
-    else
-    {
-      os_sprintf(response, INVALID_ARG);
-      goto command_handled;
-    }
-
-    if (nTokens != last_arg+1)
-    {
-      os_sprintf(response, INVALID_NUMARGS);
-      goto command_handled;
-    }
-
-    if (proto == 0)
-    {
-      parse_IP_addr(tokens[3], &saddr, &smask);
-      parse_IP_addr(tokens[4], &daddr, &dmask);
-      sport = dport = 0;
-    }
-    else
-    {
-      parse_IP_addr(tokens[3], &saddr, &smask);
-      sport = (uint16_t)atoi(tokens[4]);
-      parse_IP_addr(tokens[5], &daddr, &dmask);
-      dport = (uint16_t)atoi(tokens[6]);
-    }
-
-    if (strcmp(tokens[last_arg],"allow") == 0)
-    {
-       allow = ACL_ALLOW;
-    }
-    else if (strcmp(tokens[last_arg],"deny") == 0)
-    {
-      allow = ACL_DENY;
-    }
-    else
-    {
-      os_sprintf(response, INVALID_ARG);
-      goto command_handled;
-    }
-
-    if (acl_add(acl_no, saddr, smask, daddr, dmask, proto, sport,
-                dport, allow))
-    {
-      os_sprintf(response, "ACL added\r\n");
-    }
-    else
-    {
-      os_sprintf(response, "ACL add failed\r\n");
-    }
-    goto command_handled;
-  }
-#endif /* ACLS */
-
   if (strcmp(tokens[0], "connect") == 0)
   {
     if (nTokens > 1)
@@ -947,15 +692,6 @@ console_handle_command(struct espconn *pespconn)
         goto command_handled;
       }
 
-#ifdef ACLS
-      if (strcmp(tokens[1], "acl_debug") == 0)
-      {
-        acl_debug = atoi(tokens[2]);
-        os_sprintf(response, "ACL debug set\r\n");
-        goto command_handled;
-      }
-#endif
-
       if (strcmp(tokens[1], "speed") == 0)
       {
         uint16_t speed = atoi(tokens[2]);
@@ -1478,15 +1214,6 @@ user_init()
   // Load config
   config_load(&config);
 
-#ifdef ACLS
-  acl_debug = 0;
-  int i;
-  for(i=0; i< MAX_NO_ACLS; i++)
-  {
-    acl_clear_stats(i);
-  }
-  acl_set_deny_cb(acl_deny_cb);
-#endif
   // Config GPIO pin as output
   if (config.status_led == 1)
   {