[libvirt] [PATCH V1 3/3] nwfilter: adapt IP learning for broadcasted DHCP replies
Daniel Veillard
veillard at redhat.com
Fri Aug 31 03:40:40 UTC 2012
On Thu, Aug 30, 2012 at 02:29:51PM -0400, Stefan Berger wrote:
> Adapt the IP learning code to also accept broadcasted DHCP replies
>
> ---
> src/nwfilter/nwfilter_learnipaddr.c | 11 ++++++-----
> 1 file changed, 6 insertions(+), 5 deletions(-)
>
> Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> ===================================================================
> --- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
> +++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> @@ -414,9 +414,7 @@ learnIPAddressThread(void *arg)
> req->status = EINVAL;
> goto done;
> }
> - virBufferAsprintf(&buf, " ether dst %s"
> - " and src port 67 and dst port 68",
> - macaddr);
> + virBufferAsprintf(&buf, "src port 67 and dst port 68");
> break;
> default:
> if (techdriver->applyBasicRules(req->ifname,
> @@ -424,7 +422,8 @@ learnIPAddressThread(void *arg)
> req->status = EINVAL;
> goto done;
> }
> - virBufferAsprintf(&buf, "ether host %s", macaddr);
> + virBufferAsprintf(&buf, "ether host %s or ether dst ff:ff:ff:ff:ff:ff",
> + macaddr);
> }
>
> if (virBufferError(&buf)) {
> @@ -529,7 +528,9 @@ learnIPAddressThread(void *arg)
> }
> }
> } else if (virMacAddrCmpRaw(&req->macaddr,
> - ether_hdr->ether_dhost) == 0) {
> + ether_hdr->ether_dhost) == 0 ||
> + /* allow Broadcast replies from DHCP server */
> + virMacAddrIsBroadcastRaw(ether_hdr->ether_dhost)) {
> /* packets to the VM */
> if (etherType == ETHERTYPE_IP &&
> (header.len >= ethHdrSize +
>
Okay, c.f. comment on patch 1/3
ACK,
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel at veillard.com | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
More information about the libvir-list
mailing list