[libvirt] [PATCH] nwfilter: enable filtering of gratuitous ARP packets
Stefan Berger
stefanb at linux.vnet.ibm.com
Mon May 23 23:51:39 UTC 2011
On 05/23/2011 07:38 PM, Eric Blake wrote:
> On 05/23/2011 05:32 PM, Stefan Berger wrote:
>> This patch enables filtering of gratuitous ARP packets using the
>> following XML:
>>
>> <rule action='accept' direction='in' priority='425'>
>> <arp gratuitous='true'/>
>> </rule>
>>
>> Signed-off-by: Stefan Berger<stefanb at us.ibm.com>
>> +++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
>> @@ -2033,6 +2033,13 @@ ebtablesCreateRuleInstance(char chainPre
>>
>> ENTRY_GET_NEG_SIGN(&rule->p.arpHdrFilter.dataARPDstMACAddr),
>> macaddr);
>> }
>> +
>> + if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataGratuitousARP)&&
>> + rule->p.arpHdrFilter.dataGratuitousARP.u.boolean == true) {
> HACKING recommends against direct comparison to 'true', in part because
> of gnulib<stdbool.h> restrictions. Simplify this to:
>
> if (...&&
> rule->p.arpHdrFilter.dataGratuitousARP.u.boolean) {
>
> Your mailer messed up indentation on all lines that started with< after
> an arbitrary amount of whitespace, but I trust that your original patch
> followed conventions.
>
> ACK with the nit fixed.
>
Fixed and pushed.
More information about the libvir-list
mailing list