Line data Source code
1 : /*
2 : * Generic Snooping for Proxy ARP
3 : * Copyright (c) 2014, Qualcomm Atheros, Inc.
4 : *
5 : * This software may be distributed under the terms of the BSD license.
6 : * See README for more details.
7 : */
8 :
9 : #include "utils/includes.h"
10 :
11 : #include "utils/common.h"
12 : #include "hostapd.h"
13 : #include "sta_info.h"
14 : #include "ap_drv_ops.h"
15 : #include "x_snoop.h"
16 :
17 :
18 7 : int x_snoop_init(struct hostapd_data *hapd)
19 : {
20 7 : struct hostapd_bss_config *conf = hapd->conf;
21 :
22 7 : if (!conf->isolate) {
23 1 : wpa_printf(MSG_DEBUG,
24 : "x_snoop: ap_isolate must be enabled for x_snoop");
25 1 : return -1;
26 : }
27 :
28 6 : if (conf->bridge[0] == '\0') {
29 1 : wpa_printf(MSG_DEBUG,
30 : "x_snoop: Bridge must be configured for x_snoop");
31 1 : return -1;
32 : }
33 :
34 5 : if (hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE,
35 : 1)) {
36 0 : wpa_printf(MSG_DEBUG,
37 : "x_snoop: Failed to enable hairpin_mode on the bridge port");
38 0 : return -1;
39 : }
40 :
41 5 : if (hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 1)) {
42 0 : wpa_printf(MSG_DEBUG,
43 : "x_snoop: Failed to enable proxyarp on the bridge port");
44 0 : return -1;
45 : }
46 :
47 5 : if (hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT,
48 : 1)) {
49 0 : wpa_printf(MSG_DEBUG,
50 : "x_snoop: Failed to enable accepting gratuitous ARP on the bridge");
51 0 : return -1;
52 : }
53 :
54 : #ifdef CONFIG_IPV6
55 5 : if (hostapd_drv_br_set_net_param(hapd, DRV_BR_MULTICAST_SNOOPING, 1)) {
56 0 : wpa_printf(MSG_DEBUG,
57 : "x_snoop: Failed to enable multicast snooping on the bridge");
58 0 : return -1;
59 : }
60 : #endif /* CONFIG_IPV6 */
61 :
62 5 : return 0;
63 : }
64 :
65 :
66 : struct l2_packet_data *
67 10 : x_snoop_get_l2_packet(struct hostapd_data *hapd,
68 : void (*handler)(void *ctx, const u8 *src_addr,
69 : const u8 *buf, size_t len),
70 : enum l2_packet_filter_type type)
71 : {
72 10 : struct hostapd_bss_config *conf = hapd->conf;
73 : struct l2_packet_data *l2;
74 :
75 10 : l2 = l2_packet_init(conf->bridge, NULL, ETH_P_ALL, handler, hapd, 1);
76 10 : if (l2 == NULL) {
77 0 : wpa_printf(MSG_DEBUG,
78 : "x_snoop: Failed to initialize L2 packet processing %s",
79 0 : strerror(errno));
80 0 : return NULL;
81 : }
82 :
83 10 : if (l2_packet_set_packet_filter(l2, type)) {
84 0 : wpa_printf(MSG_DEBUG,
85 : "x_snoop: Failed to set L2 packet filter for type: %d",
86 : type);
87 0 : l2_packet_deinit(l2);
88 0 : return NULL;
89 : }
90 :
91 10 : return l2;
92 : }
93 :
94 :
95 8 : void x_snoop_mcast_to_ucast_convert_send(struct hostapd_data *hapd,
96 : struct sta_info *sta, u8 *buf,
97 : size_t len)
98 : {
99 : int res;
100 : u8 addr[ETH_ALEN];
101 8 : u8 *dst_addr = buf;
102 :
103 8 : if (!(dst_addr[0] & 0x01))
104 8 : return;
105 :
106 104 : wpa_printf(MSG_EXCESSIVE, "x_snoop: Multicast-to-unicast conversion "
107 : MACSTR " -> " MACSTR " (len %u)",
108 96 : MAC2STR(dst_addr), MAC2STR(sta->addr), (unsigned int) len);
109 :
110 : /* save the multicast destination address for restoring it later */
111 8 : os_memcpy(addr, buf, ETH_ALEN);
112 :
113 8 : os_memcpy(buf, sta->addr, ETH_ALEN);
114 8 : res = l2_packet_send(hapd->sock_dhcp, NULL, 0, buf, len);
115 8 : if (res < 0) {
116 0 : wpa_printf(MSG_DEBUG,
117 : "x_snoop: Failed to send mcast to ucast converted packet to "
118 0 : MACSTR, MAC2STR(sta->addr));
119 : }
120 :
121 : /* restore the multicast destination address */
122 8 : os_memcpy(buf, addr, ETH_ALEN);
123 : }
124 :
125 :
126 1682 : void x_snoop_deinit(struct hostapd_data *hapd)
127 : {
128 1682 : hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 0);
129 1682 : hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 0);
130 1682 : hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE, 0);
131 1682 : }
|
