All of lore.kernel.org
 help / color / mirror / Atom feed
From: Matthias Schiffer <mschiffer@universe-factory.net>
To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@lists.open-mesh.org>
Subject: Re: [B.A.T.M.A.N.] [PATCH 2/2] batman-adv: filter out invalid DAT entries
Date: Wed, 23 Jan 2013 22:52:09 +0100	[thread overview]
Message-ID: <51005B89.6050506@universe-factory.net> (raw)
In-Reply-To: <51005884.7090106@universe-factory.net>

[-- Attachment #1: Type: text/plain, Size: 2446 bytes --]

On 01/23/2013 10:39 PM, Matthias Schiffer wrote:
> ipv4_is_zeronet() checks if the first byte of the address is zero, to my
> knowledge there is no special funtion for checking for the unspecified
> address, as the case is trivial and independent of byte ordering.
> 
> It might make sense though to check for different types of addresses
> that are invalid for ARP (zeronet, loopback, multicast, etc.), but I
> wanted to keep the patch as simple as possible. If you think these
> should be filtered as well, I'll prepare a v2.
> 
> Matthias

Oh, I shouldn't top post. Well, continuing here now...

I just noticed that batadv_arp_get_type() already checks for loopback
and multicast addresses, so adding ipv4_is_zeronet() should be enough.
I'd keep that in batadv_dat_entry_add() though as the source of ARP
replies with 0.0.0.0 destination is still valid and can be should to the
DAT.

Matthias


> 
> 
> On 01/23/2013 10:07 PM, Antonio Quartulli wrote:
>> On Wed, Jan 23, 2013 at 06:11:54 +0100, Matthias Schiffer wrote:
>>> Due to duplicate address detection and other strange ARP packets, sometimes
>>> entries with broadcast MAC addresses or unspecified IP addresses would get into
>>> the Distributed ARP Table. This patch prevents these and some other kinds of
>>> invalid entries from getting into the DAT.
>>>
>>> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
>>> ---
>>>  distributed-arp-table.c | 12 ++++++++++++
>>>  1 file changed, 12 insertions(+)
>>>
>>> diff --git a/distributed-arp-table.c b/distributed-arp-table.c
>>> index 9f4cff3..e28be57 100644
>>> --- a/distributed-arp-table.c
>>> +++ b/distributed-arp-table.c
>>> @@ -274,6 +274,18 @@ static void batadv_dat_entry_add(struct batadv_priv *bat_priv, __be32 ip,
>>>  	struct batadv_dat_entry *dat_entry;
>>>  	int hash_added;
>>>  
>>> +	/* filter invalid MAC addresses that are sometimes used as
>>> +	 * destinations of ARP replies
>>> +	 */
>>> +	if (is_zero_ether_addr(mac_addr) || is_multicast_ether_addr(mac_addr))
>>> +		return;
>>> +
>>> +	/* ARP requests with unspecified source address are used for
>>> +	 * duplicate address detection, we don't want those in the DAT either
>>> +	 */
>>> +	if (!ip)
>>
>> Hi Matthias,
>> what about using ipv4_is_zeronet() ? Even if this is a base case, I would rather
>> prefer to use an already implemented function.
>>
>> Cheers,
>>
> 
> 



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]

  reply	other threads:[~2013-01-23 21:52 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-01-23 17:11 [B.A.T.M.A.N.] [PATCH 1/2] batman-adv: fix skb leak in batadv_dat_snoop_incoming_arp_reply() Matthias Schiffer
2013-01-23 17:11 ` [B.A.T.M.A.N.] [PATCH 2/2] batman-adv: filter out invalid DAT entries Matthias Schiffer
2013-01-23 21:07   ` Antonio Quartulli
2013-01-23 21:39     ` Matthias Schiffer
2013-01-23 21:52       ` Matthias Schiffer [this message]
2013-01-23 21:55         ` Antonio Quartulli
2013-01-23 21:53       ` Antonio Quartulli
2013-01-24 13:36         ` Marek Lindner
2013-01-24 13:38           ` Antonio Quartulli
2013-01-24 13:47             ` Marek Lindner
2013-01-24 14:44               ` Matthias Schiffer
2013-01-24 15:12                 ` Antonio Quartulli
2013-01-24 17:18                   ` Matthias Schiffer
2013-01-24 17:18                     ` [B.A.T.M.A.N.] [PATCH v2 1/2] batman-adv: check for more types of invalid IP addresses in DAT Matthias Schiffer
2013-01-24 17:18                       ` [B.A.T.M.A.N.] [PATCH v2 2/2] batman-adv: filter ARP packets with invalid MAC " Matthias Schiffer
2013-01-24 17:33                         ` Matthias Schiffer
2013-01-25 13:28                         ` Antonio Quartulli
2013-01-27  0:38                           ` Marek Lindner
2013-01-25 13:27                       ` [B.A.T.M.A.N.] [PATCH v2 1/2] batman-adv: check for more types of invalid IP " Antonio Quartulli
2013-01-27  0:34                         ` Marek Lindner
2013-01-23 21:11 ` [B.A.T.M.A.N.] [PATCH 1/2] batman-adv: fix skb leak in batadv_dat_snoop_incoming_arp_reply() Antonio Quartulli
2013-01-23 21:14   ` Antonio Quartulli
2013-01-24 13:31     ` Marek Lindner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=51005B89.6050506@universe-factory.net \
    --to=mschiffer@universe-factory.net \
    --cc=b.a.t.m.a.n@lists.open-mesh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.