[libvirt] [PATCH[ nwfilter: Discard class D and E IP addresses when sniffing
When sniffing the network traffic, discard class D and E IP addresses
when sniffing traffic. This was a reason why filters were not correctly
rebuilt on VMs on the local 192.* network when libvirt was restarted and
those VMs did not use a DHCP request to get its IP address.
Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com>
---
src/nwfilter/nwfilter_learnipaddr.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
Index: libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_learnipaddr.c
+++ libvirt-acl/src/nwfilter/nwfilter_learnipaddr.c
@@ -546,9 +546,12 @@ learnIPAddressThread(void *arg)
struct iphdr *iphdr = (struct iphdr*)(packet +
ethHdrSize);
vmaddr = iphdr->saddr;
- // skip eth. bcast and mcast addresses,
+ // skip eth. bcast and mcast addresses (224.0.0.0 -
+ // 239.255.255.255), class E (255.*)
// and zero address in DHCP Requests
- if ((ntohl(vmaddr) & 0xc0000000) || vmaddr == 0) {
+ if ( (ntohl(vmaddr) & 0xe0000000) == 0xe0000000 ||
+ (ntohl(vmaddr) & 0xf0000000) == 0xf0000000 ||
+ vmaddr == 0) {
vmaddr = 0;
continue;
}