sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-07-18 01:39:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

net/hostapd: wpa: Enable receiving priority tagged (VID 0) frames

Browse source 
Certain internet service providers transmit vlan 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e. EAPOL).

The pcap filter utilized by l2_packet is inadquate for this use case.

Here we modify the pcap filter to accept both unencapsulated and
encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.

Sponsored by:   Rubicon Communications, LLC ("Netgate")
Reviewed by:    cy
Obtained from:	src bb5d6d14d81b
PR:             273696
MFH:		2023Q3
This commit is contained in:
R. Christian McDonald 2023-09-11 22:26:08 -07:00 committed by Cy Schubert
parent 218c7064c3
commit 33410dc2fc
2 changed files with 29 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/hostapd/Makefile
View file

@ -1,6 +1,6 @@
PORTNAME= hostapd PORTNAME= hostapd
PORTVERSION= 2.10 PORTVERSION= 2.10
PORTREVISION= 7 PORTREVISION= 8
CATEGORIES= net CATEGORIES= net
MASTER_SITES= https://w1.fi/releases/ MASTER_SITES= https://w1.fi/releases/

30
net/hostapd/files/patch-src_l2__packet_l2__packet__freebsd.c
View file

@ -1,5 +1,5 @@
--- src/l2_packet/l2_packet_freebsd.c.orig 2022-01-16 12:51:29.000000000 -0800 --- src/l2_packet/l2_packet_freebsd.c.orig 2022-01-16 12:51:29.000000000 -0800
+++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:00:09.826831000 -0700 +++ src/l2_packet/l2_packet_freebsd.c 2023-09-11 22:21:12.054042000 -0700
@@ -8,7 +8,10 @@ @@ -8,7 +8,10 @@
*/ */
@ -12,7 +12,15 @@
#include <net/bpf.h> #include <net/bpf.h>
#endif /* __APPLE__ */ #endif /* __APPLE__ */
#include <pcap.h> #include <pcap.h>
@@ -76,24 +79,28 @@ @@ -20,6 +23,7 @@
#include <sys/sysctl.h>
#endif /* __sun__ */
+#include <net/ethernet.h>
#include <net/if.h>
#include <net/if_dl.h>
#include <net/route.h>
@@ -76,24 +80,33 @@
{ {
struct l2_packet_data *l2 = eloop_ctx; struct l2_packet_data *l2 = eloop_ctx;
pcap_t *pcap = sock_ctx; pcap_t *pcap = sock_ctx;
@ -43,6 +51,24 @@
buf = (unsigned char *) (ethhdr + 1); buf = (unsigned char *) (ethhdr + 1);
- len = hdr.caplen - sizeof(*ethhdr); - len = hdr.caplen - sizeof(*ethhdr);
+ len = hdr->caplen - sizeof(*ethhdr); + len = hdr->caplen - sizeof(*ethhdr);
+ /* handle 8021Q encapsulated frames */
+ if (ethhdr->h_proto == htons(ETH_P_8021Q)) {
+ buf += ETHER_VLAN_ENCAP_LEN;
+ len -= ETHER_VLAN_ENCAP_LEN;
+ }
} }
l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len); l2->rx_callback(l2->rx_callback_ctx, ethhdr->h_source, buf, len);
} }
@@ -122,10 +135,10 @@
os_snprintf(pcap_filter, sizeof(pcap_filter),
"not ether src " MACSTR " and "
"( ether dst " MACSTR " or ether dst " MACSTR " ) and "
- "ether proto 0x%x",
+ "( ether proto 0x%x or ( vlan 0 and ether proto 0x%x ) )",
MAC2STR(l2->own_addr), /* do not receive own packets */
MAC2STR(l2->own_addr), MAC2STR(pae_group_addr),
- protocol);
+ protocol, protocol);
if (pcap_compile(l2->pcap, &pcap_fp, pcap_filter, 1, pcap_netp) < 0) {
fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(l2->pcap));
return -1;