From f238b0117316f30297187b53d5c1eb51870bedf6 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Fri, 10 Feb 2017 09:44:23 +0100
Subject: [PATCH] gluon-client-bridge: use a veth pair instead of macvlan to connect local-node to br-client

macvlan interfaces never directly exchange traffic with the underlying interface, but only with other hosts behind the interface. In consequence, router advertisements from the uradvd running on br-client could never reach local-node, preventing it from getting an IPv6 address without RAs from an external radvd. Fix this be replacing the macvlan interface with a veth pair (with the peer interface in br-client). As a side effect, this saves about 5KB of flash, as the veth module is simpler than macvlan.
---
 package/gluon-client-bridge/Makefile | 2 +-
 .../lib/gluon/upgrade/300-gluon-client-bridge-network | 3 +++
 .../lib/gluon/upgrade/310-gluon-client-bridge-local-node | 5 +++--
 .../files/lib/gluon/ebtables/101-dir-rules | 9 +++++++--
 4 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/package/gluon-client-bridge/Makefile b/package/gluon-client-bridge/Makefile
index 7f967ab4..b88b0291 100644
--- a/package/gluon-client-bridge/Makefile
+++ b/package/gluon-client-bridge/Makefile
@@ -12,7 +12,7 @@ define Package/gluon-client-bridge
 SECTION:=gluon
 CATEGORY:=Gluon
 TITLE:=Provides a bridge and a wireless interface for clients to connect to
- DEPENDS:=+gluon-core +kmod-macvlan
+ DEPENDS:=+gluon-core +kmod-veth
 endef
 define Build/Prepare
diff --git a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
index c3fefdf8..ca29e9ac 100755
--- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
+++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/300-gluon-client-bridge-network
@@ -23,6 +23,9 @@ if sysconfig.lan_ifname and not ifname and not uci:get_bool('network', 'mesh_lan
 end
 end
+util.add_to_set(interfaces, 'local-port')
+
+
 uci:delete('network', 'client')
 uci:section('network', 'interface', 'client', {
 type = 'bridge',
diff --git a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
index efde1c3d..dcdc68f6 100755
--- a/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
+++ b/package/gluon-client-bridge/luasrc/lib/gluon/upgrade/310-gluon-client-bridge-local-node
@@ -8,10 +8,11 @@ local uci = require('simple-uci').cursor()
 uci:delete('network', 'local_node_dev')
 uci:section('network', 'device', 'local_node_dev', {
+ type = 'veth',
 name = 'local-node',
- ifname = 'br-client',
- type = 'macvlan',
 macaddr = site.next_node.mac,
+ peer_name = 'local-port',
+ peer_macaddr = sysconfig.primary_mac,
 })
diff --git a/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules b/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
index b1cd4e24..74486ae5 100644
--- a/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
+++ b/package/gluon-ebtables/files/lib/gluon/ebtables/101-dir-rules
@@ -1,2 +1,7 @@
-rule 'IN_ONLY --logical-in br-client -i ! bat0 -j DROP'
-rule 'OUT_ONLY --logical-out br-client -o ! bat0 -j DROP'
+rule 'IN_ONLY --logical-in br-client -i bat0 -j RETURN'
+rule 'IN_ONLY --logical-in br-client -i local-port -j RETURN'
+rule 'IN_ONLY --logical-in br-client -j DROP'
+
+rule 'OUT_ONLY --logical-out br-client -o bat0 -j RETURN'
+rule 'OUT_ONLY --logical-out br-client -o local-port -j RETURN'
+rule 'OUT_ONLY --logical-out br-client -j DROP'
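Review bot: The literal `'local-port'` added here is one of three independent copies of the same interface name: the 310 script sets it as `peer_name`, and the 101-dir-rules hunk in the gluon-ebtables package matches it with `-i local-port` / `-o local-port`. If the copies drift, the bridge membership or the ebtables exemptions stop matching without any error; as far as these hunks show, that fails closed (the catch-all DROP applies), but local-node would lose connectivity silently. A short comment above the `util.add_to_set` line, such as `-- bridge-side peer of the local-node veth pair (see local_node_dev)`, would tie the copies together. The rest of the script lies outside the hunk, so whether `util` is already required there cannot be checked from here.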
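Review bot: Turning `local_node_dev` into a veth pair whose peer is a br-client port means frames carrying `macaddr = site.next_node.mac` now cross the bridge like any other port's traffic. If that address is shared between nodes (the site configuration is not visible here), please confirm that existing filters keep it from being learned or forwarded via bat0, since nothing in this patch adds such a rule. `peer_macaddr = sysconfig.primary_mac` is also written without a check, and the hunk does not show where `sysconfig` is required. A comment like `-- peer joins br-client and carries the node's primary MAC` would record why the peer reuses that address.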
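Review bot: The new `-i local-port -j RETURN` and `-o local-port -j RETURN` lines exempt the local-node peer from both direction chains, while the commit message only motivates one direction (router advertisements from br-client reaching local-node). Every rule that jumps to IN_ONLY or OUT_ONLY is defined outside this hunk, so it is worth confirming that each of those traffic classes is meant to be accepted from, and delivered to, local-node. The rules are also order-dependent now, because the RETURN lines must precede the catch-all DROP. Assuming the file is evaluated as Lua, a comment such as `-- local-port: bridge-side peer of local-node, trusted like bat0; keep RETURN rules above the DROP` would make that explicit.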