From e2c8dadab32fa5e59159ab4fa33925d74d4690cd Mon Sep 17 00:00:00 2001 From: Ilario Gelmetti Date: Sun, 20 Oct 2019 23:46:22 +0200 Subject: [PATCH 1/4] network shares protos list with protos --- packages/lime-system/files/usr/lib/lua/lime/network.lua | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/lime-system/files/usr/lib/lua/lime/network.lua b/packages/lime-system/files/usr/lib/lua/lime/network.lua index a20e7e311..58859eadd 100644 --- a/packages/lime-system/files/usr/lib/lua/lime/network.lua +++ b/packages/lime-system/files/usr/lib/lua/lime/network.lua @@ -280,6 +280,8 @@ function network.configure() flags["_specific_section"] = owrtIf end + flags["deviceProtos"] = deviceProtos + for _,protoParams in pairs(deviceProtos) do local args = utils.split(protoParams, network.protoParamsSeparator) if args[1] == "manual" then break end -- If manual is specified do not configure interface From 0196d834b08165ca49781c662e60160187d2467e Mon Sep 17 00:00:00 2001 From: Ilario Gelmetti Date: Sun, 20 Oct 2019 23:47:45 +0200 Subject: [PATCH 2/4] proto-babeld without VLAN running on br-lan --- packages/lime-proto-babeld/Makefile | 2 +- .../files/usr/lib/lua/lime/proto/babeld.lua | 74 +++++++++++++++++-- 2 files changed, 68 insertions(+), 8 deletions(-) diff --git a/packages/lime-proto-babeld/Makefile b/packages/lime-proto-babeld/Makefile index d11c4704b..34e7cab03 100644 --- a/packages/lime-proto-babeld/Makefile +++ b/packages/lime-proto-babeld/Makefile @@ -22,7 +22,7 @@ define Package/$(PKG_NAME) CATEGORY:=LiMe MAINTAINER:=Gioacchino Mazzurco URL:=https://libremesh.org - DEPENDS:=+babeld +lime-system + DEPENDS:=+babeld +lime-system +kmod-ebtables-ipv6 PKGARCH:=all endef diff --git a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua index f691884b1..3d9377c60 100644 --- a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua +++ b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua @@ -89,6 +89,17 @@ function babeld.configure(args) uci:save("libremap") + --! If Babeld's Hello packets run over Batman-adv (whose bat0 is also + --! included in br-lan), all the Babeld nodes would appear as being direct + --! neighbors, so these Hello packets on bat0 have to be filtered + if utils.is_installed("kmod-batman-adv") then + fs.mkdir("/etc/firewall.lime.d") + fs.writefile("/etc/firewall.lime.d/21-babeld-not-over-bat0-ebtables", + "ebtables -t nat -A POSTROUTING -o bat0 -p ipv6".. + " --ip6-proto udp --ip6-sport 6696 --ip6-dport 6696 -j DROP\n") + else + fs.remove("/etc/firewall.lime.d/21-babeld-not-over-bat0-ebtables") + end end function babeld.setup_interface(ifname, args) @@ -103,21 +114,70 @@ function babeld.setup_interface(ifname, args) local vlanProto = args[3] or "8021ad" local nameSuffix = args[4] or "_babeld" + + --! If Babeld is without VLAN (vlanId is 0) it should run directly on plain + --! ethernet interfaces, but the ones which are inside of the LAN bridge + --! (e.g. eth0 or eth0.1) cannot have an IPv6 Link-Local and Babeld needs it. + --! So Babeld has to run on the bridge interface br-lan + local isIntoLAN = false + local addIPtoIf = true + for _,v in pairs(args["deviceProtos"]) do + if v == "lan" then + isIntoLAN = true + --! would be weird to add a static IP to the WAN interface + elseif v == "wan" then + addIPtoIf = false + end + end + + if ifname:match("^wlan") then + --! currently (2019-10-12) mode-ap and mode-apname have an hardcoded + --! "option network lan" so they are always in the br-lan bridge + if ifname:match("^wlan.*ap$") or ifname:match("^wlan.*apname$") then + isIntoLAN = true + + --! all the WLAN interfaces are ignored by proto-lan + --! so they are not in the bridge even if proto-lan is present + --! (except mode-ap and mode-apname as mentioned above) + else + isIntoLAN = false + end + end + + if tonumber(vlanId) == 0 and isIntoLAN then + utils.log("Rather than "..ifname.. + ", adding br-lan into Babeld interfaces") + ifname = "br-lan" + --! br-lan has already an IPv4, no need to add it + addIPtoIf = false + end + local owrtInterfaceName, linuxVlanIfName, owrtDeviceName = network.createVlanIface(ifname, vlanId, nameSuffix, vlanProto) - local ipv4, _ = network.primary_address() - local uci = config.get_uci_cursor() - if(vlanId ~= 0 and ifname:match("^eth")) then + if tonumber(vlanId) ~= 0 and ifname:match("^eth") then uci:set("network", owrtDeviceName, "mtu", tostring(network.MTU_ETH_WITH_VLAN)) end - uci:set("network", owrtInterfaceName, "proto", "static") - uci:set("network", owrtInterfaceName, "ipaddr", ipv4:host():string()) - uci:set("network", owrtInterfaceName, "netmask", "255.255.255.255") - uci:save("network") + if addIPtoIf then + local ipv4, _ = network.primary_address() + --! the "else" way should always work but it fails in a weird way + --! with some wireless interfaces without VLAN + --! (e.g. works with wlan0-mesh and fails with wlan1-mesh) + --! so for these cases, the first way is used + --! (which indeed fails for most of the other cases) + if ifname:match("^wlan") and tonumber(vlanId) == 0 then + uci:set("network", owrtInterfaceName, "ifname", "@"..owrtDeviceName) + else + uci:set("network", owrtInterfaceName, "ifname", linuxVlanIfName) + end + uci:set("network", owrtInterfaceName, "proto", "static") + uci:set("network", owrtInterfaceName, "ipaddr", ipv4:host():string()) + uci:set("network", owrtInterfaceName, "netmask", "255.255.255.255") + uci:save("network") + end uci:set("babeld", owrtInterfaceName, "interface") uci:set("babeld", owrtInterfaceName, "ifname", linuxVlanIfName) From 3624b2cc6f29b01bcf210cd2bd7545317e8a19d9 Mon Sep 17 00:00:00 2001 From: Ilario Gelmetti Date: Mon, 21 Oct 2019 13:57:57 +0200 Subject: [PATCH 3/4] babeld revert addition of check for numeric vlanId and force it to be numeric --- .../files/usr/lib/lua/lime/proto/babeld.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua index 3d9377c60..4f24e69cf 100644 --- a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua +++ b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua @@ -110,7 +110,7 @@ function babeld.setup_interface(ifname, args) utils.log("lime.proto.babeld.setup_interface(...)", ifname) - local vlanId = args[2] or 17 + local vlanId = tonumber(args[2]) or 17 local vlanProto = args[3] or "8021ad" local nameSuffix = args[4] or "_babeld" @@ -144,7 +144,7 @@ function babeld.setup_interface(ifname, args) end end - if tonumber(vlanId) == 0 and isIntoLAN then + if vlanId == 0 and isIntoLAN then utils.log("Rather than "..ifname.. ", adding br-lan into Babeld interfaces") ifname = "br-lan" @@ -157,7 +157,7 @@ function babeld.setup_interface(ifname, args) local uci = config.get_uci_cursor() - if tonumber(vlanId) ~= 0 and ifname:match("^eth") then + if(vlanId ~= 0 and ifname:match("^eth")) then uci:set("network", owrtDeviceName, "mtu", tostring(network.MTU_ETH_WITH_VLAN)) end From a8369d928e34d00bad8d245c2a486688f3c78b11 Mon Sep 17 00:00:00 2001 From: Ilario Gelmetti Date: Fri, 1 Nov 2019 06:46:47 +0100 Subject: [PATCH 4/4] add babeld_over_batman option --- packages/lime-docs/files/lime-example | 1 + .../lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua | 3 ++- packages/lime-system/files/etc/config/lime-defaults-factory | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/lime-docs/files/lime-example b/packages/lime-docs/files/lime-example index 229469561..dc212333a 100644 --- a/packages/lime-docs/files/lime-example +++ b/packages/lime-docs/files/lime-example @@ -51,6 +51,7 @@ config lime network option bmx7_over_batman false option bmx7_pref_gw none # Force bmx7 to use a specific gateway to Internet (hostname must be used as identifier) option bmx7_wifi_rate_max 'auto' + option babeld_over_batman false # When Babeld is run without VLAN (babeld:0), it runs on the bridge which includes Batman-adv's bat0, keeping this false avoids to have Babeld seeing all the nodes as direct neighbors due to Batman-adv. Set it to true just if Babeld is active only on a few border nodes. option anygw_mac 'aa:aa:aa:%N1:%N2:aa' # Parametrizable with %Nn. Keep in mind that the ebtables rule will use a mask of ff:ff:ff:00:00:00 so br-lan will not forward anything coming in that matches the first 3 bytes of it's own anygw_mac (aa:aa:aa: by default) # option autoap_enabled 0 # Requires lime-ap-watchping installed. If enabled AP SSID is changed to ERROR when network issues # option autoap_hosts "8.8.8.8 141.1.1.1" # Requires lime-ap-watchping installed. Hosts used to check if the network is working fine diff --git a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua index 4f24e69cf..613c76a82 100644 --- a/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua +++ b/packages/lime-proto-babeld/files/usr/lib/lua/lime/proto/babeld.lua @@ -92,7 +92,8 @@ function babeld.configure(args) --! If Babeld's Hello packets run over Batman-adv (whose bat0 is also --! included in br-lan), all the Babeld nodes would appear as being direct --! neighbors, so these Hello packets on bat0 have to be filtered - if utils.is_installed("kmod-batman-adv") then + local babeldOverBatman = config.get_bool("network", "babeld_over_batman") + if utils.is_installed("kmod-batman-adv") and not babeldOverBatman then fs.mkdir("/etc/firewall.lime.d") fs.writefile("/etc/firewall.lime.d/21-babeld-not-over-bat0-ebtables", "ebtables -t nat -A POSTROUTING -o bat0 -p ipv6".. diff --git a/packages/lime-system/files/etc/config/lime-defaults-factory b/packages/lime-system/files/etc/config/lime-defaults-factory index 958e1b830..d2aa85bfd 100644 --- a/packages/lime-system/files/etc/config/lime-defaults-factory +++ b/packages/lime-system/files/etc/config/lime-defaults-factory @@ -39,6 +39,7 @@ config lime network option bmx7_over_batman false option bmx7_pref_gw none option bmx7_wifi_rate_max 'auto' + option babeld_over_batman false option anygw_mac "aa:aa:aa:%N1:%N2:aa" option use_odhcpd false