I try to implement an UDAP
configuration server (legacy protocol to replace an old embedded
wireless client bridge) for a wireless client bridge based on a
Gateworks Ventana board running OpenWrt trunk with ATH9K WLAN nic.
The Openwrt solution uses relayd for
pseudo bridging between WLAN and LAN because true transparent
bridging between WLAN (in infrastructure mode) and ethernet interface
is only possible with 4 address mode of MAC80211 which is not
standardized in IEEE802.11 (can only be used with certain access
points)



Problem is now emulating a real
bridging behaviour for incoming broadcasts with destination port of
UDAP protocol. The server should respond with bridge's own source IP
to global broadcast address on both interfaces LAN & WLAN. For
the relayd solution this should be the WLAN interface's IP.



IP settings: Wlan0 has
192.168.2.100/24, eth0 has 192.168.254.254/24



Short description:
The UDAP protocol uses UDP frames
        with server destination port 17784.
        The UDAP client can send frames to
        IP address of the server. Reply is done with unicast frame
        The UDAP client can send frames to
        general broadcast address (255.255.255.255). The server should also
        reply to the general broadcast address. So UDAP protocol can also be
        used to scan a client bridge or change it's IP configuration if it's
        IP resides in another subnet then the UDAP client.
        UDAP client (a Windows PC, PLC,
        etc.) may reside either on the LAN or the WLAN side of the bridge.
        On both sides only one Wlan0-IP should be visible.




Results of my test implementation of
UDAP on OpenWRT using a simple AFINET UDP socket:



Using the IP unicast destination
        address of the server IP-Wlan0 works fine for both UDAP client
        locations (LAN / WLAN)
        Sending to general broadcast
        server address from WLAN side ->request is received but reply to
        global broadcast address by calling sendto is denied with
        ENETUNREACH.
Reply to the broadcast address 192.168.2.255 worked
        fine but violates requirement 3.
Next trial was using setsockopt
        with option SOL_SOCKET,SO_BINDTODEVICE to temporarily bind to wlan0
        interface before sendto to general broadcast address → This worked
        fine
        Sending to general broadcast
        server address from LAN side ->request is received but reply to
        global broadcast address by calling sendto is denied with
        ENETUNREACH.
Reply to the broadcast address 192.168.254.255
        worked fine but violates requirement 3.
Next trial was using
        setsockopt with option SOL_SOCKET,SO_BINDTODEVICE to temporarily
        bind to eth0 interface before sendto to general broadcast address →
        This worked but the source address of the response frame is
        192.168.254.254 (eth0's IP). Therefore the UDAP client on LAN side
        sees another IP address than a UDAP client on WLAN side.
Next I
        tried to source NAT with iptables to transform the source address to
        wlan0's IP:

iptables -t nat -A POSTROUTING -p udp –sport
        17784 -o eth0 -s 192.168.254.254 -j SNAT –to-source 192.168.2.100 
        




The source address is changed but
        unfortunately the source port of the frame was changed to 1024, then
        I changed the switch –to-source 192.168.2.100:17784 → No source
        natting occurred!  Is there any chance to configure iptables to only
        change the source IP and keeping the UDP source port?


        
So I have no idea howto achieve the
desired behaviour. Any help is appreciated!!
Regards,Dierk


                                          
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

Reply via email to