This patch adds a prefix advertisment for each node. Every node get also
the IPs
* $prefix::MAC
* $prefix::link-local
* $prefix::1
::1 is duplicated so we need filtering to not forward data into the
network for ::1.
Signed-off-by: Tim Niemeyer <tim.niemeyer@mastersword.de>
Reviewed-by: Jan Kraus <mayosemmel@gmail.com
Reviewed-by: Tobias Klaus <tk+ff@meskal.net>
This ebtables rules are based on the gluon work.
Signed-off-by: Tim Niemeyer <tim.niemeyer@mastersword.de>
Reviewed-by: Tobias Klaus <tk+ff@meskal.net>
This isn't really needed for debugging. The default port number 22 is often
targeted for brute-force attacks. Dropbear on 16M memory isn't relly capable
of handling this.
This reverts commit 2083df18d1.
- use -A (append) instead of -I (insert)
This makes shure the rule order is correct. This fixes#421.
- use uci to determine the correct wan interface
This is the reason, why #421 was only on wr1043. Now the firewall rule
applies to all router.
- remove old and not used rules
Signed-off-by: Tim Niemeyer <tim.niemeyer@mastersword.de>
On a router wich is directly connected to the internet, there is lot of traffix
on the WAN port. E.g. ssh bruteforces. That's like a DOS for a small device.
This fixes#395
Signed-off-by: Tim Niemeyer <tim.niemeyer@mastersword.de>
The new build_script uses a bsp-style interface. Now it's possible
to work on more than one board at the same time. Just select the
selected_bsp with the build_script and start over.
Signed-off-by: Tim Niemeyer <tim.niemeyer@mastersword.de>