1 /* 2 * Generic Snooping for Proxy ARP 3 * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "hostapd.h" 13 #include "sta_info.h" 14 #include "ap_drv_ops.h" 15 #include "x_snoop.h" 16 17 18 int x_snoop_init(struct hostapd_data *hapd) 19 { 20 struct hostapd_bss_config *conf = hapd->conf; 21 22 if (!conf->isolate) { 23 wpa_printf(MSG_DEBUG, 24 "x_snoop: ap_isolate must be enabled for x_snoop"); 25 return -1; 26 } 27 28 if (conf->bridge[0] == '\0') { 29 wpa_printf(MSG_DEBUG, 30 "x_snoop: Bridge must be configured for x_snoop"); 31 return -1; 32 } 33 34 if (hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE, 35 1)) { 36 wpa_printf(MSG_DEBUG, 37 "x_snoop: Failed to enable hairpin_mode on the bridge port"); 38 return -1; 39 } 40 41 if (hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 1)) { 42 wpa_printf(MSG_DEBUG, 43 "x_snoop: Failed to enable proxyarp on the bridge port"); 44 return -1; 45 } 46 47 if (hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 48 1)) { 49 wpa_printf(MSG_DEBUG, 50 "x_snoop: Failed to enable accepting gratuitous ARP on the bridge"); 51 return -1; 52 } 53 54 #ifdef CONFIG_IPV6 55 if (hostapd_drv_br_set_net_param(hapd, DRV_BR_MULTICAST_SNOOPING, 1)) { 56 wpa_printf(MSG_DEBUG, 57 "x_snoop: Failed to enable multicast snooping on the bridge"); 58 return -1; 59 } 60 #endif /* CONFIG_IPV6 */ 61 62 return 0; 63 } 64 65 66 struct l2_packet_data * 67 x_snoop_get_l2_packet(struct hostapd_data *hapd, 68 void (*handler)(void *ctx, const u8 *src_addr, 69 const u8 *buf, size_t len), 70 enum l2_packet_filter_type type) 71 { 72 struct hostapd_bss_config *conf = hapd->conf; 73 struct l2_packet_data *l2; 74 75 l2 = l2_packet_init(conf->bridge, NULL, ETH_P_ALL, handler, hapd, 1); 76 if (l2 == NULL) { 77 wpa_printf(MSG_DEBUG, 78 "x_snoop: Failed to initialize L2 packet processing %s", 79 strerror(errno)); 80 return NULL; 81 } 82 83 if (l2_packet_set_packet_filter(l2, type)) { 84 wpa_printf(MSG_DEBUG, 85 "x_snoop: Failed to set L2 packet filter for type: %d", 86 type); 87 l2_packet_deinit(l2); 88 return NULL; 89 } 90 91 return l2; 92 } 93 94 95 void x_snoop_mcast_to_ucast_convert_send(struct hostapd_data *hapd, 96 struct sta_info *sta, u8 *buf, 97 size_t len) 98 { 99 int res; 100 u8 addr[ETH_ALEN]; 101 u8 *dst_addr = buf; 102 103 if (!(dst_addr[0] & 0x01)) 104 return; 105 106 wpa_printf(MSG_EXCESSIVE, "x_snoop: Multicast-to-unicast conversion " 107 MACSTR " -> " MACSTR " (len %u)", 108 MAC2STR(dst_addr), MAC2STR(sta->addr), (unsigned int) len); 109 110 /* save the multicast destination address for restoring it later */ 111 os_memcpy(addr, buf, ETH_ALEN); 112 113 os_memcpy(buf, sta->addr, ETH_ALEN); 114 res = l2_packet_send(hapd->sock_dhcp, NULL, 0, buf, len); 115 if (res < 0) { 116 wpa_printf(MSG_DEBUG, 117 "x_snoop: Failed to send mcast to ucast converted packet to " 118 MACSTR, MAC2STR(sta->addr)); 119 } 120 121 /* restore the multicast destination address */ 122 os_memcpy(buf, addr, ETH_ALEN); 123 } 124 125 126 void x_snoop_deinit(struct hostapd_data *hapd) 127 { 128 hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 0); 129 hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 0); 130 hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE, 0); 131 } 132
