lime-proto-batadv: set gw_mode=client by default if anygw is enabled

DHCP requests are always answered locally by dnsmasq, so forwarding them over bat0 is unnecesary, and if a rogue DHCP server is anywhere in the network, it replies to these requests creating confusion. Setting bat0 gw_mode=client prevents this, without side-effects. (As long as there's no gw_mode=server, in which case they would simply unicast the requests to that nodes. Rogue DHCP servers still mitigated) Signed-off-by: Gui Iribarren <gui@altermundi.net>
libremesh · Mar 20, 2017 · fc0ed8d · fc0ed8d
1 parent 58487ce
commit fc0ed8d
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/packages/lime-proto-batadv/src/batadv.lua b/packages/lime-proto-batadv/src/batadv.lua
@@ -23,8 +23,13 @@ function batadv.configure(args)
 	uci:set("batman-adv", "bat0", "multicast_mode", "0")
 
 	-- if anygw enabled disable DAT that doesn't play well with it
+	-- and set gw_mode=client everywhere. Since there's no gw_mode=server, this makes bat0 never forward requests
+	-- so a rogue DHCP server doesn't affect whole network (DHCP requests are always answered locally)
 	for _,proto in pairs(config.get("network", "protocols")) do
-		if proto == "anygw" then uci:set("batman-adv", "bat0", "distributed_arp_table", "0") end
+		if proto == "anygw" then
+			uci:set("batman-adv", "bat0", "distributed_arp_table", "0")
+			uci:set("batman-adv", "bat0", "gw_mode", "client")
+		end
 	end
 	uci:save("batman-adv")
 	lan.setup_interface("bat0", nil)