feat(gateway): refresh remote MAC learning

The LAN switch has to keep learning that remote client MAC addresses live on
the gateway port. Once the gateway injects a remote client's traffic, that
learning can age out if the client is quiet, breaking the Layer 2 illusion.

Track valid remote-client source MACs observed in relay traffic and inject a
small padded CAM refresh frame for each known MAC every 60 seconds. The refresh
frame uses the remote MAC as the Ethernet source and the gateway NIC MAC as the
destination, with a local experimental EtherType so hosts should ignore it.

PacketSocket now reads the wired interface hardware address with SIOCGIFHWADDR
when opening the AF_PACKET socket. Non-Ethernet or invalid source interfaces
fail early instead of starting a gateway that cannot emit refresh traffic.

Test Plan:
- cargo fmt --check
- cargo test --workspace
- cargo clippy --workspace --all-targets -- -D warnings
- git diff --check

Refs: PLAN.md Linux gateway CAM-table refresh

crates/lanparty-gateway/src/packet.rs

@@ -4,6 +4,8 @@ use std::{
     os::fd::{AsRawFd, FromRawFd, OwnedFd, RawFd},
 };
 
+use lanparty_proto::MacAddr;
+
 const ETH_P_ALL: u16 = libc::ETH_P_ALL as u16;
 
 #[derive(Debug)]
@@ -11,6 +13,7 @@ pub struct PacketSocket {
     fd: OwnedFd,
     interface: String,
     interface_index: u32,
+    interface_mac: MacAddr,
 }
 
 impl PacketSocket {
@@ -55,11 +58,13 @@ impl PacketSocket {
         if result < 0 {
             return Err(io::Error::last_os_error());
         }
+        let interface_mac = interface_hardware_addr(fd.as_raw_fd(), interface)?;
 
         Ok(Self {
             fd,
             interface: interface.to_owned(),
             interface_index,
+            interface_mac,
         })
     }
 
@@ -73,6 +78,11 @@ impl PacketSocket {
         self.interface_index
     }
 
+    #[must_use]
+    pub const fn interface_mac(&self) -> MacAddr {
+        self.interface_mac
+    }
+
     pub fn send_frame(&self, frame: &[u8]) -> io::Result<usize> {
         let sent = unsafe {
             // SAFETY: frame.as_ptr() is valid for frame.len() bytes for the duration of send,
@@ -129,6 +139,21 @@ impl AsRawFd for PacketSocket {
 }
 
 pub fn interface_index(interface: &str) -> io::Result<u32> {
+    let name = interface_name(interface)?;
+
+    let index = unsafe {
+        // SAFETY: name is a valid NUL-terminated C string and if_nametoindex does not retain it.
+        libc::if_nametoindex(name.as_ptr())
+    };
+
+    if index == 0 {
+        return Err(io::Error::last_os_error());
+    }
+
+    Ok(index)
+}
+
+fn interface_name(interface: &str) -> io::Result<CString> {
     if interface.trim().is_empty() {
         return Err(io::Error::new(
             io::ErrorKind::InvalidInput,
@@ -142,16 +167,68 @@ pub fn interface_index(interface: &str) -> io::Result<u32> {
             "interface name cannot contain NUL bytes",
         )
     })?;
-    let index = unsafe {
-        // SAFETY: name is a valid NUL-terminated C string and if_nametoindex does not retain it.
-        libc::if_nametoindex(name.as_ptr())
-    };
+    if name.as_bytes_with_nul().len() > libc::IFNAMSIZ {
+        return Err(io::Error::new(
+            io::ErrorKind::InvalidInput,
+            "interface name is too long",
+        ));
+    }
 
-    if index == 0 {
+    Ok(name)
+}
+
+fn interface_hardware_addr(fd: RawFd, interface: &str) -> io::Result<MacAddr> {
+    let name = interface_name(interface)?;
+    let mut request = unsafe {
+        // SAFETY: ifreq is a kernel ABI struct; zeroing it gives a valid base before filling the
+        // interface name and asking ioctl to populate the hardware-address union field.
+        std::mem::zeroed::<libc::ifreq>()
+    };
+    for (destination, source) in request
+        .ifr_name
+        .iter_mut()
+        .zip(name.as_bytes_with_nul().iter())
+    {
+        *destination = *source as libc::c_char;
+    }
+
+    let result = unsafe {
+        // SAFETY: request points to an initialized ifreq with a NUL-terminated interface name.
+        // ioctl writes the hardware address into the ifreq union and does not retain pointers.
+        libc::ioctl(fd, libc::SIOCGIFHWADDR, &mut request)
+    };
+    if result < 0 {
         return Err(io::Error::last_os_error());
     }
 
-    Ok(index)
+    let hardware_addr = unsafe {
+        // SAFETY: SIOCGIFHWADDR succeeded, so reading the hardware-address union field is valid.
+        request.ifr_ifru.ifru_hwaddr
+    };
+    if hardware_addr.sa_family != libc::ARPHRD_ETHER {
+        return Err(io::Error::new(
+            io::ErrorKind::InvalidData,
+            "interface is not an Ethernet device",
+        ));
+    }
+
+    let data = hardware_addr.sa_data;
+    let mac = MacAddr::new([
+        data[0] as u8,
+        data[1] as u8,
+        data[2] as u8,
+        data[3] as u8,
+        data[4] as u8,
+        data[5] as u8,
+    ]);
+    if !mac.is_valid_unicast() {
+        return Err(io::Error::new(
+            io::ErrorKind::InvalidData,
+            format!("interface has invalid Ethernet MAC address {mac}"),
+        ));
+    }
+
+    Ok(mac)
 }
 
 fn is_inbound_packet_type(packet_type: u8) -> bool {
@@ -176,7 +253,7 @@ mod tests {
 
     #[test]
     fn reports_missing_interface() {
-        let error = interface_index("lanparty-definitely-missing0").unwrap_err();
+        let error = interface_index("lp-missing0").unwrap_err();
 
         assert_ne!(error.kind(), io::ErrorKind::InvalidInput);
     }