From beb7b5bbe578035efdf8ebbb521065b15e40f9b0 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Fri, 23 May 2014 14:32:31 -0700 Subject: GitHub Issue #69 - make MAC assignment schema differ between virtual networks. --- node/PacketDecoder.cpp | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'node/PacketDecoder.cpp') diff --git a/node/PacketDecoder.cpp b/node/PacketDecoder.cpp index 36f7ead7..9fbc10bf 100644 --- a/node/PacketDecoder.cpp +++ b/node/PacketDecoder.cpp @@ -414,7 +414,11 @@ bool PacketDecoder::_doFRAME(const RuntimeEnvironment *_r,const SharedPtr unsigned int etherType = at(ZT_PROTO_VERB_FRAME_IDX_ETHERTYPE); if (size() > ZT_PROTO_VERB_FRAME_IDX_PAYLOAD) { if (network->config()->permitsEtherType(etherType)) { - network->tapPut(source().toMAC(),etherType,data() + ZT_PROTO_VERB_FRAME_IDX_PAYLOAD,size() - ZT_PROTO_VERB_FRAME_IDX_PAYLOAD); + network->tapPut( + MAC(source(),network->id()), + etherType, + data() + ZT_PROTO_VERB_FRAME_IDX_PAYLOAD, + size() - ZT_PROTO_VERB_FRAME_IDX_PAYLOAD); } else { TRACE("dropped FRAME from %s: ethernet type %u not allowed on network %.16llx",source().toString().c_str(),etherType,(unsigned long long)network->id()); return true; @@ -481,8 +485,8 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared const unsigned int prefixBits = (*this)[ZT_PROTO_VERB_MULTICAST_FRAME_IDX_PROPAGATION_PREFIX_BITS]; const unsigned int prefix = (*this)[ZT_PROTO_VERB_MULTICAST_FRAME_IDX_PROPAGATION_PREFIX]; const uint64_t guid = at(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_GUID); - const MAC sourceMac(field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_SOURCE_MAC,ZT_PROTO_VERB_MULTICAST_FRAME_LEN_SOURCE_MAC)); - const MulticastGroup dest(MAC(field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_DEST_MAC,ZT_PROTO_VERB_MULTICAST_FRAME_LEN_DEST_MAC)),at(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_DEST_ADI)); + const MAC sourceMac(field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_SOURCE_MAC,ZT_PROTO_VERB_MULTICAST_FRAME_LEN_SOURCE_MAC),ZT_PROTO_VERB_MULTICAST_FRAME_LEN_SOURCE_MAC); + const MulticastGroup dest(MAC(field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_DEST_MAC,ZT_PROTO_VERB_MULTICAST_FRAME_LEN_DEST_MAC),ZT_PROTO_VERB_MULTICAST_FRAME_LEN_DEST_MAC),at(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_DEST_ADI)); const unsigned int etherType = at(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_ETHERTYPE); const unsigned int frameLen = at(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_FRAME_LEN); const unsigned char *const frame = field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX_FRAME,frameLen); @@ -635,7 +639,7 @@ bool PacketDecoder::_doMULTICAST_FRAME(const RuntimeEnvironment *_r,const Shared // We do not terminate here, since if the member just has an out of // date cert or hasn't sent us a cert yet we still want to propagate // the message so multicast keeps working downstream. - } else if ((!nconf->permitsBridging(origin))&&(!origin.wouldHaveMac(sourceMac))) { + } else if ((!nconf->permitsBridging(origin))&&(MAC(origin,network->id()) != sourceMac)) { // This *does* terminate propagation, since it's technically a // security violation of the network's bridging policy. But if we // were to keep propagating it wouldn't hurt anything, just waste @@ -829,7 +833,7 @@ bool PacketDecoder::_doMULTICAST_LIKE(const RuntimeEnvironment *_r,const SharedP uint64_t nwid = at(ptr); SharedPtr network(_r->nc->network(nwid)); if ((_r->topology->amSupernode())||((network)&&(network->isAllowed(peer->address())))) { - _r->mc->likesGroup(nwid,src,MulticastGroup(MAC(field(ptr + 8,6)),at(ptr + 14)),now); + _r->mc->likesGroup(nwid,src,MulticastGroup(MAC(field(ptr + 8,6),6),at(ptr + 14)),now); if (network) network->pushMembershipCertificate(peer->address(),false,now); } -- cgit v1.2.3