From 606e9d0aaf1b8528b628f7bab0ac945280ac7de7 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Mon, 22 Apr 2019 22:41:46 +0200
Subject: [PATCH] gluon-mesh-batman-adv: drop packets from mesh with next-node
 source or destination address

Fixes #1659
---
 .../files/lib/gluon/ebtables/250-next-node                     | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package/gluon-mesh-batman-adv/files/lib/gluon/ebtables/250-next-node b/package/gluon-mesh-batman-adv/files/lib/gluon/ebtables/250-next-node
index 8b8d77a2..c239f81e 100644
--- a/package/gluon-mesh-batman-adv/files/lib/gluon/ebtables/250-next-node
+++ b/package/gluon-mesh-batman-adv/files/lib/gluon/ebtables/250-next-node
@@ -7,6 +7,9 @@ local macaddr = client_bridge.next_node_macaddr()
 rule('FORWARD --logical-out br-client -i bat0 -o local-port -j DROP')
 rule('FORWARD --logical-out br-client -i local-port -o bat0 -j DROP')
 
+rule('PREROUTING --logical-in br-client -i bat0 -s ' .. macaddr .. ' -j DROP', 'nat')
+rule('PREROUTING --logical-in br-client -i bat0 -d ' .. macaddr .. ' -j DROP', 'nat')
+
 rule('FORWARD --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
 rule('OUTPUT --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
 rule('FORWARD --logical-out br-client -o bat0 -s ' .. macaddr .. ' -j DROP')