feat(relay): filter unsafe Ethernet control traffic
Relay forwarding now applies the MVP L2 safety policy before choosing output peers. It drops jumbo frames, link-local switch-control destinations, EAPOL, LLDP, and slow-protocol frames in both directions, and it blocks remote clients from sending DHCP server replies or IPv6 router advertisements toward the LAN. The filters live in the room forwarding path so the pure admission/forwarding tests and live QUIC datagram path share the same policy. Gateway-origin DHCP server replies remain allowed, which preserves the plan's goal that remote TAP clients can receive LAN DHCP through the tunnel. Test Plan: - cargo fmt --check - cargo test --workspace - cargo clippy --workspace --all-targets -- -D warnings Refs: PLAN.md L2 control-plane safety filters
This commit is contained in:
@@ -47,6 +47,7 @@ Public relay binary and relay-owned room state:
|
||||
- one gateway per room, duplicate client MAC rejection, and room limits
|
||||
- stable effective room MTU chosen before Ethernet datagrams flow
|
||||
- live Ethernet datagram forwarding with no ingress reflection
|
||||
- L2 safety filters for jumbo, switch-control, DHCP-server, and IPv6-RA frames
|
||||
- peer leave cleanup for room membership and MAC indexes
|
||||
|
||||
## Build
|
||||
|
||||
Reference in New Issue
Block a user