[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] [PATCH v2] nwfilter: Discard class D and E IP addresses when sniffing packets



V2: Corrected comment and simplified mask to check for class D and E IP addresses

When sniffing the network traffic, discard class D and E IP addresses when sniffing traffic. This was a reason why filters were not correctly rebuilt on VMs on the local 192.* network when libvirt was restarted and those VMs did not use a DHCP request to get its IP address.

Signed-off-by: Stefan Berger<stefanb us ibm com>

---
 src/nwfilter/nwfilter_learnipaddr.c |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
+++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
@@ -546,9 +546,11 @@ learnIPAddressThread(void *arg)
                     struct iphdr *iphdr = (struct iphdr*)(packet +
                                                           ethHdrSize);
                     vmaddr = iphdr->saddr;
-                    // skip eth. bcast and mcast addresses,
-                    // and zero address in DHCP Requests
-                    if ((ntohl(vmaddr)&  0xc0000000) || vmaddr == 0) {
+                    // skip mcast addresses (224.0.0.0 - 239.255.255.255),
+                    // class E (240.0.0.0 - 255.255.255.255, includes eth.
+                    // bcast) and zero address in DHCP Requests
+                    if ( (ntohl(vmaddr)&  0xe0000000) == 0xe0000000 ||
+                         vmaddr == 0) {
                         vmaddr = 0;
                         continue;
                     }


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]