On 08/13/2010 12:38 PM, Stefan Berger wrote:
> When sniffing the network traffic, discard class D and E IP addresses
> when sniffing traffic. This was a reason why filters were not correctly
> rebuilt on VMs on the local 192.* network when libvirt was restarted and
> those VMs did not use a DHCP request to get its IP address.
>
> Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
>
> ---
> src/nwfilter/nwfilter_learnipaddr.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> ===================================================================
> --- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
> +++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
> @@ -546,9 +546,12 @@ learnIPAddressThread(void *arg)
> struct iphdr *iphdr = (struct iphdr*)(packet +
> ethHdrSize);
> vmaddr = iphdr->saddr;
> - // skip eth. bcast and mcast addresses,
> + // skip eth. bcast and mcast addresses (224.0.0.0 -
> + // 239.255.255.255), class E (255.*)
> // and zero address in DHCP Requests
> - if ((ntohl(vmaddr) & 0xc0000000) || vmaddr == 0) {
> + if ( (ntohl(vmaddr) & 0xe0000000) == 0xe0000000 ||
This line's fine for 224-239.*, but...
> + (ntohl(vmaddr) & 0xf0000000) == 0xf0000000 ||
shouldn't this be (ntohl(vmaddr) & 0xff000000) == 0xff000000, so that
you are not excluding 254.*?
ACK with that fix.
--
Eric Blake eblake@xxxxxxxxxx +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list