Merge pull request nberlee#26 from nberlee/fix-proto-violation-macs

fix: error message should return the src mac when reporting a proto v…
zlowred · Jul 4, 2023 · 5aa54b8 · 5aa54b8
2 parents c972ed8 + cca176d
commit 5aa54b8
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 14 deletions.
diff --git a/arp.go b/arp.go
@@ -29,7 +29,8 @@ func ownupNetworkAddresses(netInterface string, srcMACAddress net.HardwareAddr,
 	}
 	// Announce link-local just once after startup
 	for vlan := range vlanIPMap {
-		err := sendNA(rawTraffic, srcMACAddress, net.HardwareAddr{0x33, 0x33, 0x00, 0x00, 0x00, 0x01}, IPv6Address, net.ParseIP("ff02::1"), vlan)
+
+		err := sendNA(rawTraffic, srcMACAddress, net.HardwareAddr{0x33, 0x33, 0x00, 0x00, 0x00, 0x01}, IPv6Address, net.IPv6linklocalallnodes, vlan)
 		if err != nil {
 			logrus.Error(err)
 			continue

diff --git a/docs/RouterOS/README.md b/docs/RouterOS/README.md
@@ -48,6 +48,12 @@ See the [config.md](../config.md) for detailed explaination.
 
 Edit your own `config.toml` and upload it to your router in a directory, for example the default `/pub` directory, as its not strait forward to create a directory in RouterOS.
 
+Afterwards changes may be done to the file without reuploading again, using:
+
+```mikrotik
+/file edit pub/config.toml
+```
+
 ## Container mount
 Create a container mount to the directory you uploaded the `config.toml` to. Make sure to change the `src` to the path you uploaded the file to.
 

diff --git a/ssdp.go b/ssdp.go
@@ -6,7 +6,6 @@ import (
 	"time"
 
 	"github.com/google/gopacket"
-	"github.com/google/gopacket/layers"
 	"github.com/google/gopacket/pcap"
 	"github.com/sirupsen/logrus"
 	"github.com/zekroTJA/timedmap"
@@ -66,12 +65,8 @@ func processSSDPPackets(netInterface string, srcMACAddress net.HardwareAddr, poo
 				continue
 			}
 			logrus.Debugf("SSDP query packet received:\n%s", ssdpPacket.packet.String())
-			if *ssdpPacket.dstPort != layers.UDPPort(1900) {
-				logrus.Infof("Protocol violation from %s, got a SSDP query from a non query destination port.", ssdpPacket.dstMAC.String())
-				continue
-			}
 			if ssdpPacket.dstMAC == &srcMACAddress {
-				logrus.Infof("Protocol violation from %s, got a SSDP query from an unicast packet.", ssdpPacket.dstMAC.String())
+				logrus.Infof("Protocol violation from %s, got a SSDP query from an unicast packet.", ssdpPacket.srcMAC.String())
 				continue
 			}
 
@@ -111,12 +106,8 @@ func processSSDPPackets(netInterface string, srcMACAddress net.HardwareAddr, poo
 				logrus.Warningf("spoofing/vlan leak detected from %s. Config expected traffic from VLAN %d, got a packet from %d.", ssdpPacket.srcMAC.String(), device.OriginPool, *ssdpPacket.vlanTag)
 				continue
 			}
-			if *ssdpPacket.dstPort != layers.UDPPort(1900) {
-				logrus.Infof("Protocol violation from %s, got a SSDP advertisement from a non advertisement destination port.", ssdpPacket.dstMAC.String())
-				continue
-			}
 			if ssdpPacket.dstMAC == &srcMACAddress {
-				logrus.Infof("Protocol violation from %s, got a SSDP advertisement from an unicast packet.", ssdpPacket.dstMAC.String())
+				logrus.Infof("Protocol violation from %s, got a SSDP advertisement from an unicast packet.", ssdpPacket.srcMAC.String())
 				continue
 			}
 
@@ -146,9 +137,7 @@ func processSSDPPackets(netInterface string, srcMACAddress net.HardwareAddr, poo
 				tmssdpAdvertisementSession.Set(*ssdpPacket.srcPort, ssdpSession, ssdpSessionDuration)
 				sendPacket(rawTraffic, &ssdpPacket, tag, srcMACAddress, dstMacAddress, srcIP, nil)
 			}
-			// Two responses are possible here:
 			// Allowed Mac-address responding from on a SSDP query
-			// A shared pool vlan ip responding to a SSDP advertisement
 		} else if device, ok := allowedMacsMap[macAddress(ssdpPacket.srcMAC.String())]; ok && ssdpPacket.isSSDPResponse {
 
 			logrus.Debugf("SSDP query response packet received:\n%s", ssdpPacket.packet.String())