From 2b8b50d73df2123ffa8c4e323f1db9b852510833 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= Date: Mon, 1 May 2023 21:25:33 +0200 Subject: [PATCH] docs: rename ebtables->nftables --- docs/index.rst | 8 ++++---- docs/package/gluon-mesh-batman-adv.rst | 6 +++--- ...-multicast.rst => gluon-nftables-filter-multicast.rst} | 4 ++-- ...lter-ra-dhcp.rst => gluon-nftables-filter-ra-dhcp.rst} | 4 ++-- ...btables-limit-arp.rst => gluon-nftables-limit-arp.rst} | 8 ++++---- ...source-filter.rst => gluon-nftables-source-filter.rst} | 4 ++-- docs/package/gluon-radv-filterd.rst | 2 +- 7 files changed, 18 insertions(+), 18 deletions(-) rename docs/package/{gluon-ebtables-filter-multicast.rst => gluon-nftables-filter-multicast.rst} (91%) rename docs/package/{gluon-ebtables-filter-ra-dhcp.rst => gluon-nftables-filter-ra-dhcp.rst} (82%) rename docs/package/{gluon-ebtables-limit-arp.rst => gluon-nftables-limit-arp.rst} (84%) rename docs/package/{gluon-ebtables-source-filter.rst => gluon-nftables-source-filter.rst} (89%) diff --git a/docs/index.rst b/docs/index.rst index 99fc8535..d6bbfd7a 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -62,10 +62,10 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre package/gluon-client-bridge package/gluon-config-mode-domain-select - package/gluon-ebtables-filter-multicast - package/gluon-ebtables-filter-ra-dhcp - package/gluon-ebtables-limit-arp - package/gluon-ebtables-source-filter + package/gluon-nftables-filter-multicast + package/gluon-nftables-filter-ra-dhcp + package/gluon-nftables-limit-arp + package/gluon-nftables-source-filter package/gluon-hoodselector package/gluon-logging package/gluon-mesh-batman-adv diff --git a/docs/package/gluon-mesh-batman-adv.rst b/docs/package/gluon-mesh-batman-adv.rst index cd362ede..5776666c 100644 --- a/docs/package/gluon-mesh-batman-adv.rst +++ b/docs/package/gluon-mesh-batman-adv.rst @@ -13,7 +13,7 @@ domain and will see each other "as if they were connected to one giant switch". This comes with a set of advantages (like quick and economical client device roaming, layer 3 protocol agnosticism, broadcast/multicast). But also impediments, especially layer 2 multicast overhead - which Gluon tries to mitigate to achieve a certain degree -of scalability. See :doc:`gluon-ebtables-filter-multicast` and +of scalability. See :doc:`gluon-nftables-filter-multicast` and :ref:`batman-adv-multicast-architecture` for details. B.A.T.M.A.N. Advanced project homepage: @@ -53,9 +53,9 @@ While generally broadcast capability is a nice feature of a layer 2 mesh protocol, it quickly reaches its limit. For meshes with about **50 nodes / 100 clients, or more** it is therefore highly -recommended to add the :doc:`gluon-ebtables-filter-multicast` +recommended to add the :doc:`gluon-nftables-filter-multicast` package. Also, with the *mesh-batman-adv-15* feature, -:doc:`gluon-ebtables-limit-arp` is selected by default. +:doc:`gluon-nftables-limit-arp` is selected by default. Furthermore, by default IGMP and MLD messages are filtered. See :ref:`site.conf mesh section ` and diff --git a/docs/package/gluon-ebtables-filter-multicast.rst b/docs/package/gluon-nftables-filter-multicast.rst similarity index 91% rename from docs/package/gluon-ebtables-filter-multicast.rst rename to docs/package/gluon-nftables-filter-multicast.rst index eca9c6c7..b8790fc4 100644 --- a/docs/package/gluon-ebtables-filter-multicast.rst +++ b/docs/package/gluon-nftables-filter-multicast.rst @@ -1,7 +1,7 @@ -gluon-ebtables-filter-multicast +gluon-nftables-filter-multicast =============================== -The *gluon-ebtables-filter-multicast* package filters out various kinds of +The *gluon-nftables-filter-multicast* package filters out various kinds of non-essential multicast traffic, as this traffic often constitutes a disproportionate burden on the mesh network. Unfortunately, this breaks many useful services (Avahi, Bonjour chat, ...), but this seems unavoidable, as the current Avahi implementation is diff --git a/docs/package/gluon-ebtables-filter-ra-dhcp.rst b/docs/package/gluon-nftables-filter-ra-dhcp.rst similarity index 82% rename from docs/package/gluon-ebtables-filter-ra-dhcp.rst rename to docs/package/gluon-nftables-filter-ra-dhcp.rst index 539fbc0d..8e365cb0 100644 --- a/docs/package/gluon-ebtables-filter-ra-dhcp.rst +++ b/docs/package/gluon-nftables-filter-ra-dhcp.rst @@ -1,7 +1,7 @@ -gluon-ebtables-filter-ra-dhcp +gluon-nftables-filter-ra-dhcp ============================= -The *gluon-ebtables-filter-ra-dhcp* package tries to prevent common +The *gluon-nftables-filter-ra-dhcp* package tries to prevent common misconfigurations (i.e. connecting the client interface of a Gluon node to a private network) from causing issues for either of the networks. diff --git a/docs/package/gluon-ebtables-limit-arp.rst b/docs/package/gluon-nftables-limit-arp.rst similarity index 84% rename from docs/package/gluon-ebtables-limit-arp.rst rename to docs/package/gluon-nftables-limit-arp.rst index 9431f004..9969012e 100644 --- a/docs/package/gluon-ebtables-limit-arp.rst +++ b/docs/package/gluon-nftables-limit-arp.rst @@ -1,14 +1,14 @@ -gluon-ebtables-limit-arp +gluon-nftables-limit-arp ======================== -The *gluon-ebtables-limit-arp* package adds filters to limit the +The *gluon-nftables-limit-arp* package adds filters to limit the amount of ARP requests client devices are allowed to send into the mesh. The limits per client device, identified by its MAC address, are 6 packets per minute and 1 per second per node in total. A burst of up to 50 ARP requests is allowed until the rate-limiting -takes effect (see ``--limit-burst`` in ``ebtables(8)``). +takes effect (see ``--limit-burst`` in ``nftables(8)``). Furthermore, ARP requests for a target IP already present in the batman-adv DAT cache are excluded from rate-limiting, in regard @@ -26,4 +26,4 @@ feature is *mesh-batman-adv-15*. It can be unselected via:: GLUON_SITE_PACKAGES := \ - -gluon-ebtables-limit-arp + -gluon-nftables-limit-arp diff --git a/docs/package/gluon-ebtables-source-filter.rst b/docs/package/gluon-nftables-source-filter.rst similarity index 89% rename from docs/package/gluon-ebtables-source-filter.rst rename to docs/package/gluon-nftables-source-filter.rst index 1bbb2e07..cfe6f443 100644 --- a/docs/package/gluon-ebtables-source-filter.rst +++ b/docs/package/gluon-nftables-source-filter.rst @@ -1,7 +1,7 @@ -gluon-ebtables-source-filter +gluon-nftables-source-filter ============================ -The *gluon-ebtables-source-filter* package adds an additional layer-2 filter +The *gluon-nftables-source-filter* package adds an additional layer-2 filter ruleset to prevent unreasonable traffic entering the network via the nodes. Unreasonable means traffic entering the mesh via a node which source IP does not belong to the configured IP space. diff --git a/docs/package/gluon-radv-filterd.rst b/docs/package/gluon-radv-filterd.rst index 7b07ff9c..55fa9e50 100644 --- a/docs/package/gluon-radv-filterd.rst +++ b/docs/package/gluon-radv-filterd.rst @@ -35,7 +35,7 @@ connected to the client interface via cable or WLAN instead of via the mesh fake TQ of 512, so that they are always preferred. Be aware of problems if you plan to use local routers together with the -:doc:`gluon-ebtables-filter-ra-dhcp` package. These router advertisements are +:doc:`gluon-nftables-filter-ra-dhcp` package. These router advertisements are filtered anyway and reach neither the node nor any other client. Therefore the use of local routers is not possible as long as the package ``gluon-radv-filterd`` is used.