From 8e888081c701829d3bc2e51a5c74a80efc0e8ca3 Mon Sep 17 00:00:00 2001
From: Harald Welte
Date: Thu, 7 Apr 2022 21:43:45 +0200
Subject: [PATCH] tr-bridge: Only receive 802.2 LLC frames on the ethernet side
This should prevent bridging any kind of IP/ARP/... stuff to TR.
---
 tr-bridge.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/tr-bridge.c b/tr-bridge.c
index 240aa26..4db9bb7 100644
--- a/tr-bridge.c
+++ b/tr-bridge.c
@@ -128,19 +128,19 @@ static int enable_promisc(int sk, int ifindex)
 return 0;
 }
-static int open_packet_socket(int ifindex)
+static int open_packet_socket(int ifindex, int proto)
 {
 struct sockaddr_ll addr;
 int fd, rc;
 memset(&addr, 0, sizeof(addr));
 addr.sll_family = AF_PACKET;
- addr.sll_protocol = htons(ETH_P_ALL);
+ addr.sll_protocol = htons(proto);
 addr.sll_ifindex = ifindex;
 /* we want only packets for _other_ hosts, not packets sent by us or received for us locally */
 addr.sll_pkttype = PACKET_OTHERHOST;
- fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
+ fd = socket(AF_PACKET, SOCK_RAW, htons(proto));
 if (fd < 0) {
 fprintf(stderr, "Can not create AF_PACKET socket. Are you root or have CAP_NET_RAW?\n");
 return fd;
@@ -165,7 +165,7 @@ static int open_packet_socket(int ifindex)
 return fd;
 }
-static int open_packet_socket_for_netdev(const char *ifname)
+static int open_packet_socket_for_netdev(const char *ifname, int proto)
 {
 int rc;
@@ -175,7 +175,7 @@ static int open_packet_socket_for_netdev(const char *ifname)
 return rc;
 }
- return open_packet_socket(rc);
+ return open_packet_socket(rc, proto);
 }
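Review bot: The protocol value is byte-swapped twice: `open_packet_socket()` now applies `htons(proto)` for both `addr.sll_protocol` and the `socket()` call, while the call sites in the `main()` hunk already pass `htons(ETH_P_ALL)` and `htons(ETH_P_802_2)`. On a little-endian host the two swaps cancel, so the kernel is handed the constant in host order and neither socket is bound to the protocol the caller named; the 802.2-only filter that is supposed to keep IP/ARP off the Token Ring side is then not the one in effect. Do the conversion in one layer only, for example pass `ETH_P_ALL` and `ETH_P_802_2` unconverted from `main()`, and state the contract on the helper with `/* proto: ETH_P_* constant in host byte order, converted to network order here */`. It is also worth confirming on the target hardware that non-LLC frames are in fact not delivered on the ethernet socket. The body of `open_packet_socket()` continues past the end of this hunk.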
@@ -316,13 +316,13 @@ int main(int argc, char **argv)
 tr_name = argv[1];
 eth_name = argv[2];
- bst.tr.socket = open_packet_socket_for_netdev(tr_name);
+ bst.tr.socket = open_packet_socket_for_netdev(tr_name, htons(ETH_P_ALL));
 if (bst.tr.socket < 0) {
 fprintf(stderr, "Error opening TR\n");
 exit(1);
 }
- bst.eth.socket = open_packet_socket_for_netdev(eth_name);
+ bst.eth.socket = open_packet_socket_for_netdev(eth_name, htons(ETH_P_802_2));
 if (bst.eth.socket < 0) {
 fprintf(stderr, "Error opening ETH\n");
 exit(1);