nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: rename ebtables->nftables

Browse Source
This commit is contained in:
Maciej Krüger 2023-05-01 21:25:33 +02:00
parent dfc4a2f9c6
commit 2b8b50d73d
No known key found for this signature in database
GPG Key ID: 0D948CE19CF49C5F
7 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/index.rst
View File

@ -62,10 +62,10 @@ Several Freifunk communities in Germany use Gluon as the foundation of their Fre
package/gluon-client-bridge package/gluon-client-bridge
package/gluon-config-mode-domain-select package/gluon-config-mode-domain-select
package/gluon-ebtables-filter-multicast package/gluon-nftables-filter-multicast
package/gluon-ebtables-filter-ra-dhcp package/gluon-nftables-filter-ra-dhcp
package/gluon-ebtables-limit-arp package/gluon-nftables-limit-arp
package/gluon-ebtables-source-filter package/gluon-nftables-source-filter
package/gluon-hoodselector package/gluon-hoodselector
package/gluon-logging package/gluon-logging
package/gluon-mesh-batman-adv package/gluon-mesh-batman-adv

6
docs/package/gluon-mesh-batman-adv.rst
View File

@ -13,7 +13,7 @@ domain and will see each other "as if they were connected to one giant switch".
This comes with a set of advantages (like quick and economical client device roaming, This comes with a set of advantages (like quick and economical client device roaming,
layer 3 protocol agnosticism, broadcast/multicast). But also impediments, especially layer 3 protocol agnosticism, broadcast/multicast). But also impediments, especially
layer 2 multicast overhead - which Gluon tries to mitigate to achieve a certain degree layer 2 multicast overhead - which Gluon tries to mitigate to achieve a certain degree
of scalability. See :doc:`gluon-ebtables-filter-multicast` and of scalability. See :doc:`gluon-nftables-filter-multicast` and
:ref:`batman-adv-multicast-architecture` for details. :ref:`batman-adv-multicast-architecture` for details.
B.A.T.M.A.N. Advanced project homepage: B.A.T.M.A.N. Advanced project homepage:
@ -53,9 +53,9 @@ While generally broadcast capability is a nice feature of a layer 2
mesh protocol, it quickly reaches its limit. mesh protocol, it quickly reaches its limit.
For meshes with about **50 nodes / 100 clients, or more** it is therefore highly For meshes with about **50 nodes / 100 clients, or more** it is therefore highly
recommended to add the :doc:`gluon-ebtables-filter-multicast` recommended to add the :doc:`gluon-nftables-filter-multicast`
package. Also, with the *mesh-batman-adv-15* feature, package. Also, with the *mesh-batman-adv-15* feature,
:doc:`gluon-ebtables-limit-arp` is selected by default. :doc:`gluon-nftables-limit-arp` is selected by default.
Furthermore, by default IGMP and MLD messages are filtered. See Furthermore, by default IGMP and MLD messages are filtered. See
:ref:`site.conf mesh section <user-site-mesh>` and :ref:`site.conf mesh section <user-site-mesh>` and

4
docs/package/gluon-ebtables-filter-multicast.rst → docs/package/gluon-nftables-filter-multicast.rst
View File

@ -1,7 +1,7 @@
gluon-ebtables-filter-multicast gluon-nftables-filter-multicast
=============================== ===============================
The *gluon-ebtables-filter-multicast* package filters out various kinds of The *gluon-nftables-filter-multicast* package filters out various kinds of
non-essential multicast traffic, as this traffic often constitutes a non-essential multicast traffic, as this traffic often constitutes a
disproportionate burden on the mesh network. Unfortunately, this breaks many useful services disproportionate burden on the mesh network. Unfortunately, this breaks many useful services
(Avahi, Bonjour chat, ...), but this seems unavoidable, as the current Avahi implementation is (Avahi, Bonjour chat, ...), but this seems unavoidable, as the current Avahi implementation is

4
docs/package/gluon-ebtables-filter-ra-dhcp.rst → docs/package/gluon-nftables-filter-ra-dhcp.rst
View File

@ -1,7 +1,7 @@
gluon-ebtables-filter-ra-dhcp gluon-nftables-filter-ra-dhcp
============================= =============================
The *gluon-ebtables-filter-ra-dhcp* package tries to prevent common The *gluon-nftables-filter-ra-dhcp* package tries to prevent common
misconfigurations (i.e. connecting the client interface of a Gluon misconfigurations (i.e. connecting the client interface of a Gluon
node to a private network) from causing issues for either of the node to a private network) from causing issues for either of the
networks. networks.

8
docs/package/gluon-ebtables-limit-arp.rst → docs/package/gluon-nftables-limit-arp.rst
View File

@ -1,14 +1,14 @@
gluon-ebtables-limit-arp gluon-nftables-limit-arp
======================== ========================
The *gluon-ebtables-limit-arp* package adds filters to limit the The *gluon-nftables-limit-arp* package adds filters to limit the
amount of ARP requests client devices are allowed to send into the amount of ARP requests client devices are allowed to send into the
mesh. mesh.
The limits per client device, identified by its MAC address, are The limits per client device, identified by its MAC address, are
6 packets per minute and 1 per second per node in total. 6 packets per minute and 1 per second per node in total.
A burst of up to 50 ARP requests is allowed until the rate-limiting A burst of up to 50 ARP requests is allowed until the rate-limiting
takes effect (see ``--limit-burst`` in ``ebtables(8)``). takes effect (see ``--limit-burst`` in ``nftables(8)``).
Furthermore, ARP requests for a target IP already present in the Furthermore, ARP requests for a target IP already present in the
batman-adv DAT cache are excluded from rate-limiting, in regard batman-adv DAT cache are excluded from rate-limiting, in regard
@ -26,4 +26,4 @@ feature is *mesh-batman-adv-15*.
It can be unselected via:: It can be unselected via::
GLUON_SITE_PACKAGES := \ GLUON_SITE_PACKAGES := \
-gluon-ebtables-limit-arp -gluon-nftables-limit-arp

4
docs/package/gluon-ebtables-source-filter.rst → docs/package/gluon-nftables-source-filter.rst
View File

@ -1,7 +1,7 @@
gluon-ebtables-source-filter gluon-nftables-source-filter
============================ ============================
The *gluon-ebtables-source-filter* package adds an additional layer-2 filter The *gluon-nftables-source-filter* package adds an additional layer-2 filter
ruleset to prevent unreasonable traffic entering the network via the nodes. ruleset to prevent unreasonable traffic entering the network via the nodes.
Unreasonable means traffic entering the mesh via a node which source IP does Unreasonable means traffic entering the mesh via a node which source IP does
not belong to the configured IP space. not belong to the configured IP space.

2
docs/package/gluon-radv-filterd.rst
View File

@ -35,7 +35,7 @@ connected to the client interface via cable or WLAN instead of via the mesh
fake TQ of 512, so that they are always preferred. fake TQ of 512, so that they are always preferred.
Be aware of problems if you plan to use local routers together with the Be aware of problems if you plan to use local routers together with the
:doc:`gluon-ebtables-filter-ra-dhcp` package. These router advertisements are :doc:`gluon-nftables-filter-ra-dhcp` package. These router advertisements are
filtered anyway and reach neither the node nor any other client. Therefore the filtered anyway and reach neither the node nor any other client. Therefore the
use of local routers is not possible as long as the package use of local routers is not possible as long as the package
``gluon-radv-filterd`` is used. ``gluon-radv-filterd`` is used.