nwfilter: adapt IP learning for broadcasted DHCP replies

Adapt the IP learning code to also accept broadcasted DHCP replies

nwfilter: adapt IP learning for broadcasted DHCP replies
Adapt the IP learning code to also accept broadcasted DHCP replies
4021b85f · Stefan Berger · Daniel Veillard · c828a746 · 4021b85f
隐藏空白更改
内联并排

Showing with 6 addition and 5 deletion

src/nwfilter/nwfilter_learnipaddr.c src/nwfilter/nwfilter_learnipaddr.c +6 -5

未找到文件。
--- a/src/nwfilter/nwfilter_learnipaddr.c
+++ b/src/nwfilter/nwfilter_learnipaddr.c
@@ -414,9 +414,7 @@ learnIPAddressThread(void *arg)
            req->status = EINVAL;
            goto done;
        }
-        virBufferAsprintf(&buf, " ether dst %s"
+        virBufferAsprintf(&buf, "src port 67 and dst port 68");
-                                " and src port 67 and dst port 68",
-                          macaddr);
        break;
    default:
        if (techdriver->applyBasicRules(req->ifname,
@@ -424,7 +422,8 @@ learnIPAddressThread(void *arg)
            req->status = EINVAL;
            goto done;
        }
-        virBufferAsprintf(&buf, "ether host %s", macaddr);
+        virBufferAsprintf(&buf, "ether host %s or ether dst ff:ff:ff:ff:ff:ff",
+                          macaddr);
    }
    if (virBufferError(&buf)) {
@@ -529,7 +528,9 @@ learnIPAddressThread(void *arg)
                    }
                }
            } else if (virMacAddrCmpRaw(&req->macaddr,
-                                        ether_hdr->ether_dhost) == 0) {
+                                        ether_hdr->ether_dhost) == 0 ||
+                       /* allow Broadcast replies from DHCP server */
+                       virMacAddrIsBroadcastRaw(ether_hdr->ether_dhost)) {
                /* packets to the VM */
                if (etherType == ETHERTYPE_IP &&
                    (header.len >= ethHdrSize +