tr-bridge: Only receive 802.2 LLC frames on the ethernet side
This should prevent bridging any kind of IP/ARP/... stuff to TR.
This commit is contained in:
parent
715c902eb7
commit
8e888081c7
14
tr-bridge.c
14
tr-bridge.c
|
@ -128,19 +128,19 @@ static int enable_promisc(int sk, int ifindex)
|
|||
return 0;
|
||||
}
|
||||
|
||||
static int open_packet_socket(int ifindex)
|
||||
static int open_packet_socket(int ifindex, int proto)
|
||||
{
|
||||
struct sockaddr_ll addr;
|
||||
int fd, rc;
|
||||
|
||||
memset(&addr, 0, sizeof(addr));
|
||||
addr.sll_family = AF_PACKET;
|
||||
addr.sll_protocol = htons(ETH_P_ALL);
|
||||
addr.sll_protocol = htons(proto);
|
||||
addr.sll_ifindex = ifindex;
|
||||
/* we want only packets for _other_ hosts, not packets sent by us or received for us locally */
|
||||
addr.sll_pkttype = PACKET_OTHERHOST;
|
||||
|
||||
fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
|
||||
fd = socket(AF_PACKET, SOCK_RAW, htons(proto));
|
||||
if (fd < 0) {
|
||||
fprintf(stderr, "Can not create AF_PACKET socket. Are you root or have CAP_NET_RAW?\n");
|
||||
return fd;
|
||||
|
@ -165,7 +165,7 @@ static int open_packet_socket(int ifindex)
|
|||
return fd;
|
||||
}
|
||||
|
||||
static int open_packet_socket_for_netdev(const char *ifname)
|
||||
static int open_packet_socket_for_netdev(const char *ifname, int proto)
|
||||
{
|
||||
int rc;
|
||||
|
||||
|
@ -175,7 +175,7 @@ static int open_packet_socket_for_netdev(const char *ifname)
|
|||
return rc;
|
||||
}
|
||||
|
||||
return open_packet_socket(rc);
|
||||
return open_packet_socket(rc, proto);
|
||||
}
|
||||
|
||||
|
||||
|
@ -316,13 +316,13 @@ int main(int argc, char **argv)
|
|||
tr_name = argv[1];
|
||||
eth_name = argv[2];
|
||||
|
||||
bst.tr.socket = open_packet_socket_for_netdev(tr_name);
|
||||
bst.tr.socket = open_packet_socket_for_netdev(tr_name, htons(ETH_P_ALL));
|
||||
if (bst.tr.socket < 0) {
|
||||
fprintf(stderr, "Error opening TR\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
bst.eth.socket = open_packet_socket_for_netdev(eth_name);
|
||||
bst.eth.socket = open_packet_socket_for_netdev(eth_name, htons(ETH_P_802_2));
|
||||
if (bst.eth.socket < 0) {
|
||||
fprintf(stderr, "Error opening ETH\n");
|
||||
exit(1);
|
||||
|
|
Loading…
Reference in New Issue