From patchwork Thu Nov 4 17:21:05 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Marek Lindner X-Patchwork-Id: 529 Return-Path: Received: from nm14-vm0.bullet.mail.ukl.yahoo.com (nm14-vm0.bullet.mail.ukl.yahoo.com [217.146.183.250]) by open-mesh.org (Postfix) with SMTP id D40A515458F for ; Thu, 4 Nov 2010 18:23:43 +0100 (CET) Received: from [217.146.183.212] by nm14.bullet.mail.ukl.yahoo.com with NNFMP; 04 Nov 2010 17:23:43 -0000 Received: from [217.146.183.33] by tm5.bullet.mail.ukl.yahoo.com with NNFMP; 04 Nov 2010 17:23:43 -0000 Received: from [127.0.0.1] by omp1022.mail.ukl.yahoo.com with NNFMP; 04 Nov 2010 17:23:43 -0000 X-Yahoo-Newman-Id: 520080.36916.bm@omp1022.mail.ukl.yahoo.com Received: (qmail 7519 invoked from network); 4 Nov 2010 17:23:43 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.de; h=DKIM-Signature:Received:X-Yahoo-SMTP:X-YMail-OSG:X-Yahoo-Newman-Property:From:To:Cc:Subject:Date:Message-Id:X-Mailer:In-Reply-To:References:MIME-Version:Content-Type:Content-Transfer-Encoding; b=5C+2jNFxjriuacyojccTKDhLQgPM+TvoDvDkh5Mow2SMJzkIg2ZXtRgUK47uT3Skkh146dWgqr1qh0AqdznbgITOhnbljvPzynWB3z2wpzJsbq2vXH1yxx/2vbNOqELTkZ3HUqw5ETh1kB8+/QHQn5Y282s0OrpE/9sFwdviK2E= ; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.de; s=s1024; t=1288891423; bh=Wq1MOE+P9KmjLCgmvdgmAhRif0FJrIGQghV0em6RuDU=; h=Received:X-Yahoo-SMTP:X-YMail-OSG:X-Yahoo-Newman-Property:From:To:Cc:Subject:Date:Message-Id:X-Mailer:In-Reply-To:References:MIME-Version:Content-Type:Content-Transfer-Encoding; b=AyCJbfIjHpklm3OOP30LuGOu3xqWFhu8FxTL7DFhXtZai2q09TIPjHdcR1CR2JwGuAQCxS1ppPyXJ0gA0dcDKe8OPAl7K0Z7ydLoML6rUloo3MwabgxZf1GfDaSTRAsBnlRrs9+iEN+wKzFOfqaUlZplc9juKRcleGjWgx7KgB4= Received: from localhost (lindner_marek@78.225.40.81 with plain) by smtp147.mail.ukl.yahoo.com with SMTP; 04 Nov 2010 17:23:43 +0000 GMT X-Yahoo-SMTP: tW.h3tiswBBMXO2coYcbPigGD5Lt6zY_.Zc- X-YMail-OSG: td2SAQgVM1nms8DUvbwHBvkToBxLdeGJGJTGNJblZK.vc4K XuG8zskMy6BhU0Wb.DVWFhkY6_k6l0oqt25ZGPf540SmmSRc5k_Ssd41fXdO y380MdgqcTXLmNfGwCG4ohrB6zMWHlx6BWaciGDC_0h9nga09oMUH4TTuM1O uD1SlG7WbPYC6WSqPI7T8.0mbPL9G_rRTy6cn2oZtYuza9PUB3mkVjeTGZFS AGcgC6G9_PaYCetDnNN9EVhHcTtBXMjw7FFDAKcdnsGCKCRtp X-Yahoo-Newman-Property: ymail-3 From: Marek Lindner To: b.a.t.m.a.n@lists.open-mesh.org Date: Thu, 4 Nov 2010 18:21:05 +0100 Message-Id: <1288891265-16035-8-git-send-email-lindner_marek@yahoo.de> X-Mailer: git-send-email 1.7.1 In-Reply-To: <201011041820.44518.lindner_marek@yahoo.de> References: <201011041820.44518.lindner_marek@yahoo.de> MIME-Version: 1.0 Cc: Marek Lindner Subject: [B.A.T.M.A.N.] [PATCH 8/8] batman-adv: add gateway IPv6 support by filtering DHCPv6 messages X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org X-Mailman-Version: 2.1.11 Precedence: list Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking List-Id: The list for a Better Approach To Mobile Ad-hoc Networking List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Nov 2010 17:23:44 -0000 Some additional checks will be needed in case of extension headers like the fragmentation or hop-by-hop (for jumbo frames for example) headers or ipsec stuff. But this patch should do for most people for now, the rest can be added with a later one. Signed-off-by: Marek Lindner Acked-by: Linus Lüssing --- batman-adv/gateway_client.c | 40 +++++++++++++++++++++++++++++++--------- 1 files changed, 31 insertions(+), 9 deletions(-) diff --git a/batman-adv/gateway_client.c b/batman-adv/gateway_client.c index fde1d8a..0065ffb 100644 --- a/batman-adv/gateway_client.c +++ b/batman-adv/gateway_client.c @@ -24,6 +24,7 @@ #include "gateway_common.h" #include "hard-interface.h" #include +#include #include #include @@ -403,6 +404,7 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) { struct ethhdr *ethhdr; struct iphdr *iphdr; + struct ipv6hdr *ipv6hdr; struct udphdr *udphdr; unsigned int header_len = 0; @@ -424,17 +426,32 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) } /* check for ip header */ - if (ntohs(ethhdr->h_proto) != ETH_P_IP) - return 0; + switch (ntohs(ethhdr->h_proto)) { + case ETH_P_IP: + if (!pskb_may_pull(skb, header_len + sizeof(struct iphdr))) + return 0; + iphdr = (struct iphdr *)(skb->data + header_len); + header_len += iphdr->ihl * 4; - if (!pskb_may_pull(skb, header_len + sizeof(struct iphdr))) - return 0; - iphdr = (struct iphdr *)(skb->data + header_len); - header_len += iphdr->ihl * 4; + /* check for udp header */ + if (iphdr->protocol != IPPROTO_UDP) + return 0; + + break; + case ETH_P_IPV6: + if (!pskb_may_pull(skb, header_len + sizeof(struct ipv6hdr))) + return 0; + ipv6hdr = (struct ipv6hdr *)(skb->data + header_len); + header_len += sizeof(struct ipv6hdr); - /* check for udp header */ - if (iphdr->protocol != IPPROTO_UDP) + /* check for udp header */ + if (ipv6hdr->nexthdr != IPPROTO_UDP) + return 0; + + break; + default: return 0; + } if (!pskb_may_pull(skb, header_len + sizeof(struct udphdr))) return 0; @@ -442,7 +459,12 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) header_len += sizeof(struct udphdr); /* check for bootp port */ - if (ntohs(udphdr->dest) != 67) + if ((ntohs(ethhdr->h_proto) == ETH_P_IP) && + (ntohs(udphdr->dest) != 67)) + return 0; + + if ((ntohs(ethhdr->h_proto) == ETH_P_IPV6) && + (ntohs(udphdr->dest) != 547)) return 0; if (atomic_read(&bat_priv->gw_mode) == GW_MODE_SERVER)