From: Antonio Quartulli <ordex@ritirata.org>
To: The list for a Better Approach To Mobile Ad-hoc Networking
<b.a.t.m.a.n@lists.open-mesh.org>
Subject: Re: [B.A.T.M.A.N.] Blocking OGMs from a node for testing purpose
Date: Sun, 16 May 2010 23:27:55 +0200 [thread overview]
Message-ID: <20100516212754.GB2364@ritirata.org> (raw)
In-Reply-To: <201005170337.45135.lindner_marek@yahoo.de>
Hi!
On lun, mag 17, 2010 at 03:37:44 +0800, Marek Lindner wrote:
>
> Hey,
>
> > The problem seems to be that iptables filters only packets that are sent
> > to IP layer and over..so any packet intended for a protocol living on a
> > layer lower than IP is not recognized (e.g. batman frame).
>
> I'd say you are right here.
>
>
> > Ebtables instead works only on eth bridges...I tried it because I thought
> > that bat0 was acting like a bridge indeed but this is not the case...The
> > only solution I thought could be this: create a bridge-if br0, attach wlan0
> > to it and then attach br0 to bat0 and then you could let ebtables work
> > between wlan0 and br0....maybe it could work...
> > But attaching a wlan-if to a eth-bridge-if is not actually possible.
>
> At the WCW we sat together to discuss the issue. The easiest thing to test
> would be this: You create a bridge "br0" and add the wifi interface batman
> usually runs on (e.g. wlan0). Then you configure batman-adv to run on the
> bridge instead on wlan0 directly (batctl if add br0). Since the packets travel
> through the bridge interface first, it might be possible to drop them there.
>
It is what i described just a few rows before..the problem is that
adding wlan0 interface to a eth-bridge (using cfg80211 driver) is not possible (due to
operation not permitted error, probably because devs don't want to do
that :P) either with iwlagn or rt2x00
:(:(:(
> Be sure to create an individual bridge interface for each wifi interface you
> want to run batman-adv on. The purpose of the bridge interface is to allow
> packet filtering, not to bridge interfaces.
>
> Please let us know how it goes. :-)
>
> Cheers,
> Marek
Regards
--
Antonio Quartulli
Ognuno di noi, da solo, non vale nulla
Ernesto "Che" Guevara
next prev parent reply other threads:[~2010-05-16 21:27 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-08 17:07 [B.A.T.M.A.N.] Blocking OGMs from a node for testing purpose Antonio Quartulli
2010-05-09 17:47 ` Marek Lindner
2010-05-10 11:57 ` Antonio Quartulli
2010-05-12 21:02 ` Linus Lüssing
2010-05-13 16:38 ` Antonio Quartulli
2010-05-16 19:37 ` Marek Lindner
2010-05-16 21:27 ` Antonio Quartulli [this message]
2010-05-16 22:53 ` Marek Lindner
2010-05-17 7:20 ` Antonio Quartulli
2010-05-19 1:25 ` [B.A.T.M.A.N.] [PATCH] batman-adv: Adding netfilter-bridge hooks Linus Lüssing
2010-05-21 8:21 ` Antonio Quartulli
2010-05-21 10:17 ` Linus Lüssing
2010-05-21 18:45 ` Antonio Quartulli
2010-05-22 10:51 ` Marek Lindner
2010-05-25 23:56 ` Linus Lüssing
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100516212754.GB2364@ritirata.org \
--to=ordex@ritirata.org \
--cc=b.a.t.m.a.n@lists.open-mesh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox