ddidderr 985e4d9eed fix(gateway): drop unsafe LAN frames before relay send ...

The relay already filters invalid source MACs, jumbo frames, and L2 control
plane traffic. The gateway bridge was still encoding those LAN frames and
sending them to the relay first, so gateway logs could say forwarded even when
the relay would later drop the frame.

Classify that same local LAN-send subset before QUIC DATAGRAM encoding. The
gateway now records and reports these frames as local drops, keeps the relay as
the trust boundary, and avoids spending relay bandwidth on frames that can never
reach remote clients.

Document that gateway-side local drops cover invalid source MACs, L2 control
plane traffic, jumbo frames, and datagram-budget failures.

Test Plan:
- cargo test -p lanparty-gateway
- cargo fmt --check
- cargo test --workspace
- cargo clippy --workspace --all-targets -- -D warnings
- git diff --check

Refs: PLAN.md LAN-to-remote control-plane filtering

2026-05-22 05:04:09 +02:00

..

lanparty-client-core

fix(client): enforce virtual MAC before relay send

2026-05-22 04:58:12 +02:00

lanparty-client-route

fix(client): reuse existing relay host route

2026-05-22 04:40:28 +02:00

lanparty-client-tap

feat(client): persist TAP MAC identity

2026-05-21 21:21:47 +02:00

lanparty-client-win

fix(client): drop malformed TAP frames without stopping

2026-05-22 04:52:13 +02:00

lanparty-ctrl

feat(ctrl): report connection mode in welcome

2026-05-21 21:43:44 +02:00

lanparty-gateway

fix(gateway): drop unsafe LAN frames before relay send

2026-05-22 05:04:09 +02:00

lanparty-net

feat(net): accept relay hostnames

2026-05-21 21:40:00 +02:00

lanparty-obs

fix(relay): filter remote VLAN-tagged frames

2026-05-21 23:40:44 +02:00

lanparty-proto

feat(proto): validate negotiated datagram budgets

2026-05-21 22:03:15 +02:00

lanparty-relay

fix(relay): filter remote VLAN-tagged frames

2026-05-21 23:40:44 +02:00