phpsystems Posted August 21, 2015 Share Posted August 21, 2015 Hi, Sometime a go I came across this talk from DefCon 19: The guy mentions the raspberry pi, but the turtle should be able to do this with minor modifications to the bridging code? Possibly have a flag on the code of whether to enable / disable the patch? The rest of the code is actually documented as a script on a pdf as well. Tim 1 Quote Link to comment Share on other sites More sharing options...
phpsystems Posted August 21, 2015 Author Share Posted August 21, 2015 Just so you don't have to sit through the vid: There are specific packets that bridges don't pass. In order for this to wirk, those need to be allowed to flow. The rest is settings and a simple script. Quote Link to comment Share on other sites More sharing options...
phpsystems Posted August 24, 2015 Author Share Posted August 24, 2015 So looking at the source code (in this case for the Pineapple, but the code base is similar), the patch should be this: --- build_dir/linux-ar71xx_generic/linux-3.3.8/net/bridge/br_input.c.orig 2015-08-24 09:29:58.719273414 +0100+++ build_dir/linux-ar71xx_generic/linux-3.3.8/net/bridge/br_input.c 2015-08-24 09:30:21.615273027 +0100@@ -81,7 +81,7 @@if (skb->protocol == htons(ETH_P_PAE)) {skb2 = skb;/* Do not forward 802.1x/EAP frames */- skb = NULL;+// skb = NULL;} else if (is_broadcast_ether_addr(dest))skb2 = skb;else if (is_multicast_ether_addr(dest)) { That would then just leave the script, which is almost trivial. Quote Link to comment Share on other sites More sharing options...
phpsystems Posted September 10, 2015 Author Share Posted September 10, 2015 The actual patching of the source code can be done (or rather not patching), just by removing patch "./target/linux/generic/patches-3.3/640-bridge_no_eap_forward.patch" and rebuilding. The scripts are also available in Mubix's Github repo here: https://github.com/mubix/8021xbridge Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.