pfilter: simplify the rule-set and make it stronger. Use one set only.
This changes the pfilter rule-set, to make it ready for vlan addition.
Moreover, it removes the choice between three rule-sets and uses one
that works for everyone (we'll add the vlan option later on).
Moreover, we prepare for the option of peer-delay PTP and UDP-based PTP.
As a side effect, one Kconfig option is removed.
We know for sure that what goes to the "streamer" protocol
is re-checked, so the streamer can get some "everything else", exactly
like the 7S wr-nic (that sends to the host everything unused).
This is the current rule set:
- everything tagged is dropped
- CPU: arp broadcast, not unicast (i.e. requests only).
- CPU: PTP ethtype. Any mac address.
- CPU: ICMP unicast, not broadcast.
- CPU: UDP (uni/multicast), ports bootpc, ptp-event, ptp-general.
- Etherbone (class 7): UDP (uni/multicast) and port 0xebd0
- Other fabric (class 6): anything not Etherbone (inverted class 7 bit)
This counts up to 28 rules. We have 4 more rules available and we may
add options, either at build time or run time to add udp ports or
other ethertypes. Or not...
2 caveats:
- frames for the CPU will have class bits 0x41 instead of 0x01, because
everything not etherbone will receive bit 6. This is not a problem, as
the CPU is not checking the class bits.
- the wr-nic gateware, when using this new sw code base, must be
changed to use classes 6 and 7 like everybody else, not classes 7
and 5.
Signed-off-by: Alessandro Rubini <rubini@gnudd.com>
Showing
Please
register
or
sign in
to comment