Re: [libvirt] [PATCH[ nwfilter: Discard class D and E IP addresses when sniffing
Eric Blake <eblake(a)redhat.com> wrote on 08/13/2010 03:56:12 PM:
[image removed]
On 08/13/2010 01:45 PM, Stefan Berger wrote:
>>> - // skip eth. bcast and mcast addresses,
>>> + // skip eth. bcast and mcast addresses
(224.0.0.0
> -
>>> + // 239.255.255.255), class E (255.*)
>>> // and zero address in DHCP Requests
>>> - if ((ntohl(vmaddr) & 0xc0000000) || vmaddr ==
0)
> http://en.wikipedia.org/wiki/Classful_network
>
> Class D addresses have highest bits with pattern 1110 0000 -> 0xe0
> Class E addresses have highest bits with pattern 1111 0000 -> 0xf0
>
> I think my masks are fine and the masking with 0xf0 00 00 00 should
also
> include 254.* = 0xfe.* .
In that case, the comments are wrong. Class E is more than 255.*, it is
240.0.0.0-255.255.255.255. And in that case, the bit operations can be
simplified:
if ((ntohl(vmaddr) & 0xc0000000) == 0xc0000000) || vmaddr == 0)
In other words, the logic bug is that we were rejecting IP addresses
that had 1 or 2, but not all three, of the top three bits set. The
desired action is to reject IP packets if all three of the top bits are
simultaneously set.
Right, the comment was not correct. I think the simplified if should be
if ((ntohl(vmaddr) & 0xe0000000) == 0xe0000000) || vmaddr == 0)
That then covers class D and E since this mask then covers 0xe0.00.00.00 -
0xff.ff.ff.ff = 225.0.0.0 - 255.255.255.255.
Let's see a v2 that gets the comments right, and uses the simpler logic.
Coming soon.
Stefan
Attachments:
- attachment.html (text/html — 2.6 KB)