gluon/package/gluon-mesh-batman-adv/files/lib/gluon/ebtables/250-next-node

local client_bridge = require 'gluon.client_bridge'
local site = require 'gluon.site'
local next_node = site.next_node({})

local macaddr = client_bridge.next_node_macaddr()

rule('FORWARD --logical-out br-client -i bat0 -o local-port -j DROP')
rule('FORWARD --logical-out br-client -i local-port -o bat0 -j DROP')

rule('FORWARD --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -s ' .. macaddr .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -s ' .. macaddr .. ' -j DROP')

if next_node.ip4 then
	rule('FORWARD --logical-out br-client -o bat0 -p ARP --arp-ip-src ' .. next_node.ip4 .. ' -j DROP')
	rule('FORWARD --logical-out br-client -o bat0 -p ARP --arp-ip-dst ' .. next_node.ip4 .. ' -j DROP')

	rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
	rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
	rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
	rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
end

if next_node.ip6 then
	rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
	rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
	rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
	rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
end