[libvirt] [PATCH[ nwfilter: Discard class D and E IP addresses when sniffing
Eric Blake
eblake at redhat.com
Fri Aug 13 19:11:25 UTC 2010
On 08/13/2010 12:38 PM, Stefan Berger wrote:
> When sniffing the network traffic, discard class D and E IP addresses
> when sniffing traffic. This was a reason why filters were not correctly
> rebuilt on VMs on the local 192.* network when libvirt was restarted and
> those VMs did not use a DHCP request to get its IP address.
>
> Signed-off-by: Stefan Berger <stefanb at us.ibm.com>
>
> ---
> src/nwfilter/nwfilter_learnipaddr.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> ===================================================================
> --- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
> +++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> @@ -546,9 +546,12 @@ learnIPAddressThread(void *arg)
> struct iphdr *iphdr = (struct iphdr*)(packet +
> ethHdrSize);
> vmaddr = iphdr->saddr;
> - // skip eth. bcast and mcast addresses,
> + // skip eth. bcast and mcast addresses (224.0.0.0 -
> + // 239.255.255.255), class E (255.*)
> // and zero address in DHCP Requests
> - if ((ntohl(vmaddr) & 0xc0000000) || vmaddr == 0) {
> + if ( (ntohl(vmaddr) & 0xe0000000) == 0xe0000000 ||
This line's fine for 224-239.*, but...
> + (ntohl(vmaddr) & 0xf0000000) == 0xf0000000 ||
shouldn't this be (ntohl(vmaddr) & 0xff000000) == 0xff000000, so that
you are not excluding 254.*?
ACK with that fix.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100813/78d4b72f/attachment-0001.sig>
More information about the libvir-list
mailing list