[B.A.T.M.A.N.] [PATCH] batman-adv: avoid ap_isolated check for broadcast packet

Antonio Quartulli ordex at autistici.org
Tue Mar 6 00:11:06 CET 2012


On Tue, Mar 06, 2012 at 03:52:46AM +0800, Marek Lindner wrote:
> On Monday, March 05, 2012 15:51:51 Antonio Quartulli wrote:
> > in case of a broadcast packet, the result of the ap_isolated check is
> > always false (since we have no ff:ff:ff:ff:ff:ff client to check for
> > TT_CLIENT_WIFI), therefore we can avoid searching the translation table
> > and we can return false directly
> 
> How about also checking the source address ?

Actually I assumed that "legal" data only is passed to this function and so
there should be no need to check for the source address as well.

But I think this assumption is wrong, right? Actually the "internal" data of a
unicast/broadcast packet is never checked and so I should not assume that the
addresses passed to this function are legal.

> You probably also should add similar checks for tt_local_add() ?

Yep, we probably want to have the same checks in tt_local_add() because a wired
client could send any spoofed packet and we should protect our tables from them.

> Or do we have "legal" cases in which we announce multicast addresses ?

Not that I know (right now)


Cheers,
and greetings from Bruxelles

-- 
Antonio Quartulli

..each of us alone is worth nothing..
Ernesto "Che" Guevara
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/attachments/20120306/60e519c1/attachment.pgp>


More information about the B.A.T.M.A.N mailing list