[libvirt] [PATCH v3 4/4] bridge driver: don't masquerade local subnet broadcast/multicast packets
Laszlo Ersek
lersek at redhat.com
Tue Sep 24 13:23:27 UTC 2013
On 09/24/13 11:31, Laine Stump wrote:
> On 09/23/2013 08:03 PM, Laszlo Ersek wrote:
>> +/* Fill in preallocated virPfxSocketAddr objects with masquerading exceptions:
>> + *
>> + * 1. do not masquerade packets targeting 224.0.0.0/24
>> + * 2. do not masquerade packets targeting 255.255.255.255/32
>> + * 3. do not masquerade packets targeting the directed local broadcast
>> + * address
>> + *
>> + * 224.0.0.0/24 is the local network multicast range. Packets are not
>> + * forwarded outside.
>> + *
>> + * 255.255.255.255/32 is the broadcast address of any local network. Again,
>> + * such packets are never forwarded, but strict DHCP clients don't accept
>> + * DHCP replies with changed source ports.
>> + *
>> + * The directed local broadcast address looks like 192.168.122.255/32, and
>> + * behaves like the generic broadcast address 255.255.255.255/32.
>> + *
>> + * Returns 0 on success and -1 on failure.
>> + */
>> +static int networkFillMasqExceptions(const char *bridgeName,
>> + const virPfxSocketAddr *bridge,
>> + virPfxSocketAddr *localMulticast,
>> + virPfxSocketAddr *genericBroadcast,
>> + virPfxSocketAddr *directedBroadcast)
>> +{
>> + int result;
>> +
>> + localMulticast->prefix = 24;
>> + result = virSocketAddrParseIPv4(&localMulticast->addr,
>> + "224.0.0.0");
>> + sa_assert(result != -1);
>
> You must have accidentally left this in. libvirt is a library, so it
> must never assert. In a case where the called function is guaranteed to
> never fail (due to the args passed in), you can enclose it in
> ignore_value():
>
> ignore_value(cirSocketAddrParseIPv4(.......)
Ah. Good to know!
In fact I had searched the HACKING file for "assert", and there were no
hits. So I grepped the source :)
(BTW there *are* some sa_assert() calls in eg. "src/qemu/qemu_driver.c".
And, as far as I saw, sa_assert() expands to /* empty */ unless
STATIC_ANALYSIS is defined. I kind of didn't understand that, actually;
but I found no naked "assert()" calls in the source. Now that you say
that a library is never supposed to assert() -- I'm not sure I agree
with that FWIW :) -- it makes sense.)
Thanks
Laszlo
More information about the libvir-list
mailing list