On Fri, Feb 15, 2019 at 12:16:31AM +0800, Marek Lindner wrote:
On Thursday, 14 February 2019 23:51:00 HKT Linus Lüssing wrote:
So far, gratuitous ARP Replies were ignored for DAT processing as it contains a broadcast MAC address. This patch changes this and allows snooping such ARP messages, too.
Gratuitous ARP Replies were ignored since this commit: ab361a9ccc5 ("batman-adv: filter ARP packets with invalid MAC addresses in
DAT")
You're kind enough to mention when the filter was introduced but fail to explain why the filter introduced in the past was has outlived its usefulness or how the new behavior addresses the previous concerns.
That patch added filtering for both zero and broadcast MAC addresses. While the original premise is correct - we do not want those addresses in the DAT, the assumption that a broadcast MAC address as ARP target MAC address were invalid, is wrong. Gratuitous ARP Replies are valid packets.
So that patch was a bit too strict in that regard, I think. For gratuitous ARP it's enough to ignore the (Target MAC/Target IP) pair. Snooping the (Sender MAC/Sender IP) should be fine.