From patchwork Sun Nov 21 23:56:05 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Sven Eckelmann X-Patchwork-Id: 537 Return-Path: Received: from mail.gmx.net (mailout-de.gmx.net [213.165.64.23]) by open-mesh.org (Postfix) with SMTP id 3966E15457A for ; Mon, 22 Nov 2010 00:56:52 +0100 (CET) Received: (qmail invoked by alias); 21 Nov 2010 23:56:51 -0000 Received: from vpnclient-194-112.hrz.tu-chemnitz.de (EHLO sven-desktop.lazhur.ath.cx) [134.109.194.112] by mail.gmx.net (mp037) with SMTP; 22 Nov 2010 00:56:51 +0100 X-Authenticated: #15668376 X-Provags-ID: V01U2FsdGVkX18BL8A3vgoB89ZLH0Dypn4xJwUpYMlsUKFlb+WMfa N3SlDZWxaaSr4o From: Sven Eckelmann To: greg@kroah.com Date: Mon, 22 Nov 2010 00:56:05 +0100 Message-Id: <1290383767-32602-28-git-send-email-sven.eckelmann@gmx.de> X-Mailer: git-send-email 1.7.2.3 In-Reply-To: <1290383767-32602-1-git-send-email-sven.eckelmann@gmx.de> References: <1290383767-32602-1-git-send-email-sven.eckelmann@gmx.de> MIME-Version: 1.0 X-Y-GMX-Trusted: 0 Cc: b.a.t.m.a.n@lists.open-mesh.org, Marek Lindner Subject: [B.A.T.M.A.N.] [PATCH 27/29] Staging: batman-adv: add gateway IPv6 support by filtering DHCPv6 messages X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org X-Mailman-Version: 2.1.11 Precedence: list Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking List-Id: The list for a Better Approach To Mobile Ad-hoc Networking List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Nov 2010 23:56:52 -0000 From: Marek Lindner Some additional checks will be needed in case of extension headers like the fragmentation or hop-by-hop (for jumbo frames for example) headers or ipsec stuff. But this patch should do for most people for now, the rest can be added with a later one. Signed-off-by: Marek Lindner Acked-by: Linus Lüssing Signed-off-by: Sven Eckelmann --- drivers/staging/batman-adv/gateway_client.c | 40 +++++++++++++++++++++------ 1 files changed, 31 insertions(+), 9 deletions(-) diff --git a/drivers/staging/batman-adv/gateway_client.c b/drivers/staging/batman-adv/gateway_client.c index fde1d8a..0065ffb 100644 --- a/drivers/staging/batman-adv/gateway_client.c +++ b/drivers/staging/batman-adv/gateway_client.c @@ -24,6 +24,7 @@ #include "gateway_common.h" #include "hard-interface.h" #include +#include #include #include @@ -403,6 +404,7 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) { struct ethhdr *ethhdr; struct iphdr *iphdr; + struct ipv6hdr *ipv6hdr; struct udphdr *udphdr; unsigned int header_len = 0; @@ -424,17 +426,32 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) } /* check for ip header */ - if (ntohs(ethhdr->h_proto) != ETH_P_IP) - return 0; + switch (ntohs(ethhdr->h_proto)) { + case ETH_P_IP: + if (!pskb_may_pull(skb, header_len + sizeof(struct iphdr))) + return 0; + iphdr = (struct iphdr *)(skb->data + header_len); + header_len += iphdr->ihl * 4; - if (!pskb_may_pull(skb, header_len + sizeof(struct iphdr))) - return 0; - iphdr = (struct iphdr *)(skb->data + header_len); - header_len += iphdr->ihl * 4; + /* check for udp header */ + if (iphdr->protocol != IPPROTO_UDP) + return 0; + + break; + case ETH_P_IPV6: + if (!pskb_may_pull(skb, header_len + sizeof(struct ipv6hdr))) + return 0; + ipv6hdr = (struct ipv6hdr *)(skb->data + header_len); + header_len += sizeof(struct ipv6hdr); + + /* check for udp header */ + if (ipv6hdr->nexthdr != IPPROTO_UDP) + return 0; - /* check for udp header */ - if (iphdr->protocol != IPPROTO_UDP) + break; + default: return 0; + } if (!pskb_may_pull(skb, header_len + sizeof(struct udphdr))) return 0; @@ -442,7 +459,12 @@ int gw_is_target(struct bat_priv *bat_priv, struct sk_buff *skb) header_len += sizeof(struct udphdr); /* check for bootp port */ - if (ntohs(udphdr->dest) != 67) + if ((ntohs(ethhdr->h_proto) == ETH_P_IP) && + (ntohs(udphdr->dest) != 67)) + return 0; + + if ((ntohs(ethhdr->h_proto) == ETH_P_IPV6) && + (ntohs(udphdr->dest) != 547)) return 0; if (atomic_read(&bat_priv->gw_mode) == GW_MODE_SERVER)