From: Marek Lindner <lindner_marek@yahoo.de>
To: The list for a Better Approach To Mobile Ad-hoc Networking
<b.a.t.m.a.n@lists.open-mesh.org>
Subject: Re: [B.A.T.M.A.N.] Blocking OGMs from a node for testing purpose
Date: Mon, 17 May 2010 03:37:44 +0800 [thread overview]
Message-ID: <201005170337.45135.lindner_marek@yahoo.de> (raw)
In-Reply-To: <f31ad2968a9884d5bda6eebde3a01b21@localhost>
Hey,
> The problem seems to be that iptables filters only packets that are sent
> to IP layer and over..so any packet intended for a protocol living on a
> layer lower than IP is not recognized (e.g. batman frame).
I'd say you are right here.
> Ebtables instead works only on eth bridges...I tried it because I thought
> that bat0 was acting like a bridge indeed but this is not the case...The
> only solution I thought could be this: create a bridge-if br0, attach wlan0
> to it and then attach br0 to bat0 and then you could let ebtables work
> between wlan0 and br0....maybe it could work...
> But attaching a wlan-if to a eth-bridge-if is not actually possible.
At the WCW we sat together to discuss the issue. The easiest thing to test
would be this: You create a bridge "br0" and add the wifi interface batman
usually runs on (e.g. wlan0). Then you configure batman-adv to run on the
bridge instead on wlan0 directly (batctl if add br0). Since the packets travel
through the bridge interface first, it might be possible to drop them there.
Be sure to create an individual bridge interface for each wifi interface you
want to run batman-adv on. The purpose of the bridge interface is to allow
packet filtering, not to bridge interfaces.
Please let us know how it goes. :-)
Cheers,
Marek
next prev parent reply other threads:[~2010-05-16 19:37 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-08 17:07 [B.A.T.M.A.N.] Blocking OGMs from a node for testing purpose Antonio Quartulli
2010-05-09 17:47 ` Marek Lindner
2010-05-10 11:57 ` Antonio Quartulli
2010-05-12 21:02 ` Linus Lüssing
2010-05-13 16:38 ` Antonio Quartulli
2010-05-16 19:37 ` Marek Lindner [this message]
2010-05-16 21:27 ` Antonio Quartulli
2010-05-16 22:53 ` Marek Lindner
2010-05-17 7:20 ` Antonio Quartulli
2010-05-19 1:25 ` [B.A.T.M.A.N.] [PATCH] batman-adv: Adding netfilter-bridge hooks Linus Lüssing
2010-05-21 8:21 ` Antonio Quartulli
2010-05-21 10:17 ` Linus Lüssing
2010-05-21 18:45 ` Antonio Quartulli
2010-05-22 10:51 ` Marek Lindner
2010-05-25 23:56 ` Linus Lüssing
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201005170337.45135.lindner_marek@yahoo.de \
--to=lindner_marek@yahoo.de \
--cc=b.a.t.m.a.n@lists.open-mesh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox