This package drops all incoming router advertisements except for the
default router with the best metric according to B.A.T.M.A.N. advanced.

Note that advertisements originating from the node itself (for example
via gluon-radvd) are not affected.

…BATMAN data

This reduces the average CPU consumption (on a WDR4300) from 3% to 1%.

Also, this commit adds error messages when the parsing fails and makes matching
more flexible after all relevant fields have been found.

As I have seen instances of ebtables being killed with a timeout of 100ms,
increasing it to 500ms.

Also, to ease the straint on the CPU, increasing minimum time between TQ checks
to 15 seconds.

Previously, only one nexthop was recognized. The parsing of the whole file
failed immediately when two or more hops were possible for *any* originator (not
only for one with a router behind it).

This makes the parser ignore most of the line in the originators table.

Move more to BPF code and do not try to parse extension headers in C that
wouldn't have made it through BPF anyway.

The router lifetime field actually is 2 bytes long, but we only checked
the first one, thus falsely discarding RAs with router lifetime < 256
seconds.

Both source files require the _GNU_SOURCE preprocessor. But for one file it is
defined in the source and for the other one in the Makefile. It is better
to have it in the Makefile to avoid that different source files in the same
project use different.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The macro foreach is dereferencing router to get the next node in list.
This even happens when the node was just freed in the last iteration (and
thus could crash the program).

To avoid this crash, the next pointer has to be saved before the node is
freed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

Signed-off-by: Sven Eckelmann <sven@narfation.org>

These variables are only used in the the same file. They can therefore be
static and don't have to be exported by the executable.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The bind to an interface can fail and the socket then isn't working as
expected. The daemon must therefore handle this problem.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The router access code is spread throughout the program. It is easier to
modify it when the common functionality is encapsulated in some helper
functions.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The allocation of a new router object can fail. It must therefore be
handled to avoid segfaults.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The ICMPv6 packet is stored in network byte order. It must therefore always
be converted to host byteorder before it can be used in calculations.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

All invocations of va_start must have a corresponding va_end.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The recvfrom can fail and return -1. The caller must check for this error
to avoid that it reads uninitialized data from pkt.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The 6th argument to recvfrom is not an unsigned int pointer. This may work
on systems where socklen_t and unsigned int are both 4 byte but other
systems may use 8 byte for that (glibc uses size_t as type for socklen_t
and size_t is 8 byte on amd64 and similar architectures).

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The check of prerequisitions is rather long and becomes unreadable. Having
it in an extra function makes the code slightly more structured and better
readable.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The TQ of the best router can be lower than the hysteresis_thresh. The
check could cause an integer underflow which then causes an election which
is not necessary.

This can be avoided by reordering the check slightly and only substracting
values which will not cause underflows.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The value returned by time is not monotonic. It can jump around because it
depends on a user configurable clock. This can lead to hangs in the
processing of routers.

A monotonic clock must be used instead to avoid this problem.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The select can be interrupted when it receives a signal. But the signal
might be handled and thus it should not result in an kill.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The daemon must make sure that it doesn't filter any incoming router
advertisement when it was shut down. This can be achieved by flushing all
current rules and/or adding an ACCEPT all rule at the end. When both
commands work, the state of the chain will be the same as
/lib/gluon/ebtables/400-radv-filter created it.

This doesn't handle the problem that the daemon may have been crashed and
thus the chain is in an undefined state.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The memory returned after malloc is not initialized. It must be initialized
before it is accessed in update_tqs and compared against 00:00:00:00:00:00.
Otherwise the TQ retrievel could fail because the originator address is
never updated.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The correct way to get the data from batman-adv is not to try to parse the
freeform debugfs files. Instead, the generic netlink family "batadv" should
be used to request the tables in binary form.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

A socket with the value 0 is valid (and it the first opened socket). It is
therefore a bad idea to check for 0 when wanting to find out whether a
socket was initialized.

Instead initialize it with -1 and check for < 0 to find out whether the
socket was initialized or not.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

The init scripts adds the br-client as netdev for the daemon. The daemon
will automatically be restarted when the netdev's ifindex is changed and
the reload target of the init script is called. But something has to call
this script first.

This can be done the procd triggers interface which can simply wait for all
events from type "interface.*". The reload target will always be called but
the daemon will only be restarted when the br-client ifindex actually
changed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>

Signed-off-by: Sven Eckelmann <sven@narfation.org>

This enables the ebtables internal locking mechanism which will avoid race
conditions between multiple, concurrent ebtables calls.

Signed-off-by: Sven Eckelmann <sven@narfation.org>