From 43664bf383e3908997a60fabe4bee85da07efd33 Mon Sep 17 00:00:00 2001
From: Julian Labus <julian@labus-online.de>
Date: Thu, 15 Dec 2016 13:26:29 +0100
Subject: [PATCH] gluon-radv-filterd: updated socket filter

---
 .../src/gluon-radv-filterd.c                  | 27 +++++++------------
 1 file changed, 10 insertions(+), 17 deletions(-)

diff --git a/package/gluon-radv-filterd/src/gluon-radv-filterd.c b/package/gluon-radv-filterd/src/gluon-radv-filterd.c
index 56e90e19..848cd7a5 100644
--- a/package/gluon-radv-filterd/src/gluon-radv-filterd.c
+++ b/package/gluon-radv-filterd/src/gluon-radv-filterd.c
@@ -29,6 +29,7 @@
 #include <signal.h>
 #include <stdarg.h>
 #include <stdbool.h>
+#include <stddef.h>
 #include <stdio.h>
 #include <stdint.h>
 #include <stdlib.h>
@@ -173,21 +174,11 @@ static inline void warn_errno(const char *message) {
 }
 
 static int init_packet_socket(unsigned int ifindex) {
-	// generated by tcpdump -i tun "icmp6 and ip6[40] = 134" -dd
-	// Important: Generate on TUN interface (because the socket is SOCK_DGRAM)!
 	struct sock_filter radv_filter_code[] = {
-		{ 0x30, 0, 0, 0x00000000 },
-		{ 0x54, 0, 0, 0x000000f0 },
-		{ 0x15, 0, 8, 0x00000060 },
-		{ 0x30, 0, 0, 0x00000006 },
-		{ 0x15, 3, 0, 0x0000003a },
-		{ 0x15, 0, 5, 0x0000002c },
-		{ 0x30, 0, 0, 0x00000028 },
-		{ 0x15, 0, 3, 0x0000003a },
-		{ 0x30, 0, 0, 0x00000028 },
-		{ 0x15, 0, 1, 0x00000086 },
-		{ 0x06, 0, 0, 0x0000ffff },
-		{ 0x06, 0, 0, 0x00000000 },
+		BPF_STMT(BPF_LD|BPF_B|BPF_ABS, sizeof(struct ip6_hdr) + offsetof(struct icmp6_hdr, icmp6_type)),
+		BPF_JUMP(BPF_JMP|BPF_JEQ|BPF_K, ND_ROUTER_ADVERT, 1, 0),
+		BPF_STMT(BPF_RET|BPF_K, 0),
+		BPF_STMT(BPF_RET|BPF_K, 0xffffffff),
 	};
 
 	struct sock_fprog radv_filter = {
@@ -195,14 +186,16 @@ static int init_packet_socket(unsigned int ifindex) {
 	    .filter = radv_filter_code,
 	};
 
-	int sock = socket(AF_PACKET, SOCK_DGRAM|SOCK_CLOEXEC, ETH_P_IPV6);
+	int sock = socket(AF_PACKET, SOCK_DGRAM|SOCK_CLOEXEC, htons(ETH_P_IPV6));
 	if (sock < 0)
 		exit_errno("can't open packet socket");
-	setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &radv_filter, sizeof(radv_filter));
+	int ret = setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &radv_filter, sizeof(radv_filter));
+	if (ret < 0)
+		exit_errno("can't attach socket filter");
 
 	struct sockaddr_ll bind_iface = {
 		.sll_family = AF_PACKET,
-		.sll_protocol = ETH_P_IPV6,
+		.sll_protocol = htons(ETH_P_IPV6),
 		.sll_ifindex = ifindex,
 	};
 	bind(sock, (struct sockaddr *)&bind_iface, sizeof(bind_iface));