Filter IGMP/MLD messges so that we can have an IGMP/MLD querier per
node. Segmenting the IGMP/MLD domain on a per node basis allows us
to *not* rely on a central querier (on a gateway for instance) to
take advantage of multicast snooping.
Even though we receive no more reports from other nodes anymore then,
the "multicast_router" bridge port setting will ensure to always
forward multicast packets towards bat0 (unless filtered by another
ebtables rule).
Note that IGMP/MLD are filtered for multicast traffic coming from
the mesh, too (new MULTICAST_IN), as unfortunately there seem to
be other queriers somewhere in the mesh at least for Freifunk
Lübeck. Such queriers would potentially confuse / silence the
querier on a node.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
ebtables actually skips any IPv6 extension headers like the hop-by-hop
one. So this rule is actually void.
The intend back then was to allow passing MLD messages into the mesh.
Since extension headers are skipped, the general icmpv6 rule will
actually match MLD messages. So the hop-by-hop rule is unnecessary,
too.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
the ports were interchanged, see the following packet flow:
client:546 --> [ff02::1:2]:547
server:547 --> client:546
therefore we need to allow outgoing multicast packets with dst-port 547
and unicast packets from bat0 to clients with dst-port 546 and 547 in the other direction
