I try to implement an UDAP configuration server (legacy protocol to replace an old embedded wireless client bridge) for a wireless client bridge based on a Gateworks Ventana board running OpenWrt trunk with ATH9K WLAN nic. The Openwrt solution uses relayd for pseudo bridging between WLAN and LAN because true transparent bridging between WLAN (in infrastructure mode) and ethernet interface is only possible with 4 address mode of MAC80211 which is not standardized in IEEE802.11 (can only be used with certain access points) Problem is now emulating a real bridging behaviour for incoming broadcasts with destination port of UDAP protocol. The server should respond with bridge's own source IP to global broadcast address on both interfaces LAN & WLAN. For the relayd solution this should be the WLAN interface's IP. IP settings: Wlan0 has 192.168.2.100/24, eth0 has 192.168.254.254/24 Short description: The UDAP protocol uses UDP frames with server destination port 17784. The UDAP client can send frames to IP address of the server. Reply is done with unicast frame The UDAP client can send frames to general broadcast address (255.255.255.255). The server should also reply to the general broadcast address. So UDAP protocol can also be used to scan a client bridge or change it's IP configuration if it's IP resides in another subnet then the UDAP client. UDAP client (a Windows PC, PLC, etc.) may reside either on the LAN or the WLAN side of the bridge. On both sides only one Wlan0-IP should be visible. Results of my test implementation of UDAP on OpenWRT using a simple AFINET UDP socket: Using the IP unicast destination address of the server IP-Wlan0 works fine for both UDAP client locations (LAN / WLAN) Sending to general broadcast server address from WLAN side ->request is received but reply to global broadcast address by calling sendto is denied with ENETUNREACH. Reply to the broadcast address 192.168.2.255 worked fine but violates requirement 3. Next trial was using setsockopt with option SOL_SOCKET,SO_BINDTODEVICE to temporarily bind to wlan0 interface before sendto to general broadcast address → This worked fine Sending to general broadcast server address from LAN side ->request is received but reply to global broadcast address by calling sendto is denied with ENETUNREACH. Reply to the broadcast address 192.168.254.255 worked fine but violates requirement 3. Next trial was using setsockopt with option SOL_SOCKET,SO_BINDTODEVICE to temporarily bind to eth0 interface before sendto to general broadcast address → This worked but the source address of the response frame is 192.168.254.254 (eth0's IP). Therefore the UDAP client on LAN side sees another IP address than a UDAP client on WLAN side. Next I tried to source NAT with iptables to transform the source address to wlan0's IP: iptables -t nat -A POSTROUTING -p udp –sport 17784 -o eth0 -s 192.168.254.254 -j SNAT –to-source 192.168.2.100 The source address is changed but unfortunately the source port of the frame was changed to 1024, then I changed the switch –to-source 192.168.2.100:17784 → No source natting occurred! Is there any chance to configure iptables to only change the source IP and keeping the UDP source port? So I have no idea howto achieve the desired behaviour. Any help is appreciated!! Regards,Dierk
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel