nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a modular framework for creating OpenWrt-based firmwares for wireless mesh nodes
1,788 Commits 26 Branches 63 Tags 18 MiB
C 35.8%
Lua 34.9%
Makefile 9.2%
Shell 7.5%
JavaScript 5.1%
Other 7.4%
4199b216c6
Go to file
Linus Lüssing 4199b216c6 ebtables-segment-mld: Segment IGMP/MLD domain 
This patch adds a new gluon-ebtables package to filter IGMP/MLD messages
via ebtables.

For one thing this reduces multicast overhead: About one third of all
ICMPv6 multicast traffic in Lübeck or Hamburg is MLD.

Furthermore it removes a potential Distributed Denial-of-Service vector
(see Gluon ticket #553).

Finally, it is a prerequisite for enabling bridge multicast snooping in
a decentral and robust fashion.

Note that IGMP/MLD are filtered for multicast traffic coming from
the mesh, too (new MULTICAST_IN), as unfortunately there seem to
be other queriers somewhere in the mesh at least for Freifunk
Lübeck. Also adding these rules to be prepared to anyone intentionally
or unintentionally disabling these filters on his/her node.

Node operators not running Gluon (for instance gateway nodes) should
make sure to either enable multicast_router towards bat0 or disable
multicast snooping entirely if they have a bridge on top of bat0.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2016-05-20 22:59:31 +02:00
contrib Add contrib/depdot.sh 2016-02-28 20:01:19 +01:00
docs ebtables-segment-mld: Segment IGMP/MLD domain 2016-05-20 22:59:31 +02:00
include mac80211: update backport to r48681 2016-02-09 18:44:22 +01:00
package ebtables-segment-mld: Segment IGMP/MLD domain 2016-05-20 22:59:31 +02:00
patches ar71xx-generic: add support for UniFi AC PRO/LITE (LITE untested) 2016-05-14 00:48:10 +02:00
scripts build: add module separators/headings to patch/update/update-patches scripts 2016-03-26 00:03:04 +01:00
targets ar71xx-generic: Add support for OpenMesh devices 2016-05-16 13:31:25 +02:00
.gitignore build: add GLUON_OUTPUTDIR, move GLUON_IMAGEDIR default below it 2015-10-29 18:44:00 +01:00
CONTRIBUTING.md CONTRIBUTING.md: update links 2016-04-04 00:13:42 +02:00
LICENSE docs, LICENSE: fix upper and lower case of "OpenWrt" 2016-02-05 18:48:48 +01:00
Makefile build: fix race condition on make clean without preceeding normal make 2016-04-27 20:27:26 +02:00
modules Update Gluon packages 2016-05-16 02:17:39 +02:00
README.md README: add Roadmap link 2016-05-03 19:30:43 +02:00

README.md

Documentation (incomplete at this time, contribute if you can!) may be found at http://gluon.readthedocs.org/.

If you're new to Gluon and ready to get your feet wet, have a look at the Getting Started Guide.

Gluon IRC channel: #gluon in hackint

Issues & Feature requests

Before opening an issue, make sure to check whether any existing issues (open or closed) match. If you're suggesting a new feature, drop by on IRC or our mailinglist to discuss it first.

We maintain a Roadmap for the future development of Gluon.

Use a release!

Please refrain from using the master branch for anything else but development purposes! Use the most recent release instead. You can list all relaseses by running git branch -a and switch to one by running git checkout v2016.1.4 && make update.

If you're using the autoupdater, do not autoupdate nodes with anything but releases. If you upgrade using random master commits the nodes will break eventually.

Mailinglist

To subscribe to the list, send a message to:

gluon-subscribe@luebeck.freifunk.net

To remove your address from the list, just send a message to the address in the List-Unsubscribe header of any list message. If you haven't changed addresses since subscribing, you can also send a message to:

gluon-unsubscribe@luebeck.freifunk.net