hostapd: fix applying gratuitous ARP settings with bridge-vlan

The arp_accept setting needs to be applied to the snoop_iface

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/package/network/services/hostapd/patches/740-snoop_iface.patch b/package/network/services/hostapd/patches/740-snoop_iface.patch
index 6b6cc0fad7993499326cc12e89b34404b558962c..004b8a0d392a7ea4c8b5cc5f77ed91f42efa3122 100644 (file)
--- a/package/network/services/hostapd/patches/740-snoop_iface.patch
+++ b/package/network/services/hostapd/patches/740-snoop_iface.patch
@@ -10,7 +10,7 @@
        int bridge_hairpin; /* hairpin_mode on bridge members */
 --- a/src/ap/x_snoop.c
 +++ b/src/ap/x_snoop.c
-@@ -33,14 +33,16 @@ int x_snoop_init(struct hostapd_data *ha
+@@ -33,28 +33,31 @@ int x_snoop_init(struct hostapd_data *ha
  
        hapd->x_snoop_initialized = true;
  
@@ -29,13 +29,20 @@
                wpa_printf(MSG_DEBUG,
                           "x_snoop: Failed to enable proxyarp on the bridge port");
                return -1;
-@@ -54,7 +56,8 @@ int x_snoop_init(struct hostapd_data *ha
+       }
+ 
+       if (hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT,
+-                                       1)) {
++                                       conf->snoop_iface[0] ? conf->snoop_iface : NULL, 1)) {
+               wpa_printf(MSG_DEBUG,
+                          "x_snoop: Failed to enable accepting gratuitous ARP on the bridge");
+               return -1;
        }
  
  #ifdef CONFIG_IPV6
 -      if (hostapd_drv_br_set_net_param(hapd, DRV_BR_MULTICAST_SNOOPING, 1)) {
 +      if (!conf->snoop_iface[0] &&
-+          hostapd_drv_br_set_net_param(hapd, DRV_BR_MULTICAST_SNOOPING, 1)) {
++          hostapd_drv_br_set_net_param(hapd, DRV_BR_MULTICAST_SNOOPING, NULL, 1)) {
                wpa_printf(MSG_DEBUG,
                           "x_snoop: Failed to enable multicast snooping on the bridge");
                return -1;
@@ -44,15 +51,29 @@
        struct hostapd_bss_config *conf = hapd->conf;
        struct l2_packet_data *l2;
 +      const char *ifname = conf->bridge;
- 
--      l2 = l2_packet_init(conf->bridge, NULL, ETH_P_ALL, handler, hapd, 1);
++
 +      if (conf->snoop_iface[0])
 +              ifname = conf->snoop_iface;
-+
+ 
+-      l2 = l2_packet_init(conf->bridge, NULL, ETH_P_ALL, handler, hapd, 1);
 +      l2 = l2_packet_init(ifname, NULL, ETH_P_ALL, handler, hapd, 1);
        if (l2 == NULL) {
                wpa_printf(MSG_DEBUG,
                           "x_snoop: Failed to initialize L2 packet processing %s",
+@@ -127,9 +134,12 @@ void x_snoop_mcast_to_ucast_convert_send
+ 
+ void x_snoop_deinit(struct hostapd_data *hapd)
+ {
++      struct hostapd_bss_config *conf = hapd->conf;
++
+       if (!hapd->x_snoop_initialized)
+               return;
+-      hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT, 0);
++      hostapd_drv_br_set_net_param(hapd, DRV_BR_NET_PARAM_GARP_ACCEPT,
++                                   conf->snoop_iface[0] ? conf->snoop_iface : NULL, 0);
+       hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_PROXYARP, 0);
+       hostapd_drv_br_port_set_attr(hapd, DRV_BR_PORT_ATTR_HAIRPIN_MODE, 0);
+       hapd->x_snoop_initialized = false;
 --- a/hostapd/config_file.c
 +++ b/hostapd/config_file.c
 @@ -2322,6 +2322,8 @@ static int hostapd_config_fill(struct ho
@@ -64,3 +85,55 @@
        } else if (os_strcmp(buf, "vlan_bridge") == 0) {
                os_strlcpy(bss->vlan_bridge, pos, sizeof(bss->vlan_bridge));
        } else if (os_strcmp(buf, "wds_bridge") == 0) {
+--- a/src/ap/ap_drv_ops.h
++++ b/src/ap/ap_drv_ops.h
+@@ -366,12 +366,12 @@ static inline int hostapd_drv_br_port_se
+ 
+ static inline int hostapd_drv_br_set_net_param(struct hostapd_data *hapd,
+                                              enum drv_br_net_param param,
+-                                             unsigned int val)
++                                             const char *ifname, unsigned int val)
+ {
+       if (hapd->driver == NULL || hapd->drv_priv == NULL ||
+           hapd->driver->br_set_net_param == NULL)
+               return -1;
+-      return hapd->driver->br_set_net_param(hapd->drv_priv, param, val);
++      return hapd->driver->br_set_net_param(hapd->drv_priv, param, ifname, val);
+ }
+ 
+ static inline int hostapd_drv_vendor_cmd(struct hostapd_data *hapd,
+--- a/src/drivers/driver.h
++++ b/src/drivers/driver.h
+@@ -4206,7 +4206,7 @@ struct wpa_driver_ops {
+        * Returns: 0 on success, negative (<0) on failure
+        */
+       int (*br_set_net_param)(void *priv, enum drv_br_net_param param,
+-                              unsigned int val);
++                              const char *ifname, unsigned int val);
+ 
+       /**
+        * get_wowlan - Get wake-on-wireless status
+--- a/src/drivers/driver_nl80211.c
++++ b/src/drivers/driver_nl80211.c
+@@ -12127,7 +12127,7 @@ static const char * drv_br_net_param_str
+ 
+ 
+ static int wpa_driver_br_set_net_param(void *priv, enum drv_br_net_param param,
+-                                     unsigned int val)
++                                     const char *ifname, unsigned int val)
+ {
+       struct i802_bss *bss = priv;
+       char path[128];
+@@ -12153,8 +12153,11 @@ static int wpa_driver_br_set_net_param(v
+                       return -EINVAL;
+       }
+ 
++      if (!ifname)
++              ifname = bss->brname;
++
+       os_snprintf(path, sizeof(path), "/proc/sys/net/ipv%d/conf/%s/%s",
+-                  ip_version, bss->brname, param_txt);
++                  ip_version, ifname, param_txt);
+ 
+ set_val:
+       if (linux_write_system_file(path, val))