fix(client): enforce virtual MAC before relay send
The relay already rejects client frames whose source MAC does not match the announced virtual MAC. The Windows bridge can still see those frames from TAP, though, and sending them to the relay wastes datagram budget and makes the client-side counters less useful during manual tests. Carry the configured virtual MAC into ClientRelayIo and drop invalid or unauthorized TAP source MACs before QUIC DATAGRAM encoding. The relay keeps the same checks as the trust boundary, but client diagnostics now account for these drops locally. Document the local source-MAC check and list InvalidSourceMac as a suspicious manual-test drop reason. Test Plan: - cargo fmt --check - cargo test -p lanparty-client-core connects_to_relay_control_stream_as_client - cargo test --workspace - cargo clippy --workspace --all-targets -- -D warnings - git diff --check Refs: PLAN.md source-MAC authorization and safety filters
This commit is contained in:
@@ -211,6 +211,7 @@ Drops that should be investigated if they dominate:
|
||||
|
||||
```text
|
||||
drop_reason=Malformed
|
||||
drop_reason=InvalidSourceMac
|
||||
drop_reason=UnauthorizedSourceMac
|
||||
drop_reason=ControlPlaneEtherType
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user