tr-bridge: Only receive 802.2 LLC frames on the ethernet side
This should prevent bridging any kind of IP/ARP/... stuff to TR.
This commit is contained in:
parent
715c902eb7
commit
8e888081c7
14
tr-bridge.c
14
tr-bridge.c
|
@ -128,19 +128,19 @@ static int enable_promisc(int sk, int ifindex)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int open_packet_socket(int ifindex)
|
static int open_packet_socket(int ifindex, int proto)
|
||||||
{
|
{
|
||||||
struct sockaddr_ll addr;
|
struct sockaddr_ll addr;
|
||||||
int fd, rc;
|
int fd, rc;
|
||||||
|
|
||||||
memset(&addr, 0, sizeof(addr));
|
memset(&addr, 0, sizeof(addr));
|
||||||
addr.sll_family = AF_PACKET;
|
addr.sll_family = AF_PACKET;
|
||||||
addr.sll_protocol = htons(ETH_P_ALL);
|
addr.sll_protocol = htons(proto);
|
||||||
addr.sll_ifindex = ifindex;
|
addr.sll_ifindex = ifindex;
|
||||||
/* we want only packets for _other_ hosts, not packets sent by us or received for us locally */
|
/* we want only packets for _other_ hosts, not packets sent by us or received for us locally */
|
||||||
addr.sll_pkttype = PACKET_OTHERHOST;
|
addr.sll_pkttype = PACKET_OTHERHOST;
|
||||||
|
|
||||||
fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
|
fd = socket(AF_PACKET, SOCK_RAW, htons(proto));
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
fprintf(stderr, "Can not create AF_PACKET socket. Are you root or have CAP_NET_RAW?\n");
|
fprintf(stderr, "Can not create AF_PACKET socket. Are you root or have CAP_NET_RAW?\n");
|
||||||
return fd;
|
return fd;
|
||||||
|
@ -165,7 +165,7 @@ static int open_packet_socket(int ifindex)
|
||||||
return fd;
|
return fd;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int open_packet_socket_for_netdev(const char *ifname)
|
static int open_packet_socket_for_netdev(const char *ifname, int proto)
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
|
@ -175,7 +175,7 @@ static int open_packet_socket_for_netdev(const char *ifname)
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
return open_packet_socket(rc);
|
return open_packet_socket(rc, proto);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -316,13 +316,13 @@ int main(int argc, char **argv)
|
||||||
tr_name = argv[1];
|
tr_name = argv[1];
|
||||||
eth_name = argv[2];
|
eth_name = argv[2];
|
||||||
|
|
||||||
bst.tr.socket = open_packet_socket_for_netdev(tr_name);
|
bst.tr.socket = open_packet_socket_for_netdev(tr_name, htons(ETH_P_ALL));
|
||||||
if (bst.tr.socket < 0) {
|
if (bst.tr.socket < 0) {
|
||||||
fprintf(stderr, "Error opening TR\n");
|
fprintf(stderr, "Error opening TR\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
bst.eth.socket = open_packet_socket_for_netdev(eth_name);
|
bst.eth.socket = open_packet_socket_for_netdev(eth_name, htons(ETH_P_802_2));
|
||||||
if (bst.eth.socket < 0) {
|
if (bst.eth.socket < 0) {
|
||||||
fprintf(stderr, "Error opening ETH\n");
|
fprintf(stderr, "Error opening ETH\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
|
|
Loading…
Reference in New Issue