Re: [libvirt] [PATCH] nwfilter: enable filtering of gratuitous ARP packets
On 05/23/2011 05:32 PM, Stefan Berger wrote:
This patch enables filtering of gratuitous ARP packets using the
following XML:
<rule action='accept' direction='in' priority='425'>
<arp gratuitous='true'/>
</rule>
Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com>
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2033,6 +2033,13 @@ ebtablesCreateRuleInstance(char chainPre
ENTRY_GET_NEG_SIGN(&rule->p.arpHdrFilter.dataARPDstMACAddr),
macaddr);
}
+
+ if (HAS_ENTRY_ITEM(&rule->p.arpHdrFilter.dataGratuitousARP) &&
+ rule->p.arpHdrFilter.dataGratuitousARP.u.boolean == true) {
HACKING recommends against direct comparison to 'true', in part because
of gnulib <stdbool.h> restrictions. Simplify this to:
if (... &&
rule->p.arpHdrFilter.dataGratuitousARP.u.boolean) {
Your mailer messed up indentation on all lines that started with < after
an arbitrary amount of whitespace, but I trust that your original patch
followed conventions.
ACK with the nit fixed.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)