Skip to content

u32 ematch for mac address is used incorrectly #1

@fblaese

Description

@fblaese

The u32 ematch has the following syntax:

       u32( ALIGN VALUE MASK at [ nexthdr+ ] OFFSET )
       ALIGN := { u8 | u16 | u32 }

The third argument is used as a mask for matching the value.

The u32 ematch is used by macnocker to match against the mac adress of packets, so value has to contain (parts of) the mac address, while mask has to contain only 1-bits.

Currently however, the mac address is inserted into both VALUE and MASK, so only 1-bits of the mac address are matched correctly, 0-bits are ignored:

macnocker/tc.c

Lines 62 to 65 in d0bdfdb

snprintf(cmd, 2048, "tc filter add dev %s protocol all parent ffff: prio %d "
"basic match \"u32(u32 0x%s 0x%s at -8)\" "
"and \"u32(u16 0x%s 0x%s at -4)\" flowid :1 action pass",
g_interface, prio, mac32, mac32, mac16, mac16);

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions