From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Wed, 21 Dec 2011 15:54:47 +0000 (-0500)
Subject: nwfilter: Do not require DHCP requests to be broadcasted
X-Git-Tag: v0.9.9-rc1~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c8f0cbb831ce43bf3269f1775b42a900d69ce47;p=thirdparty%2Flibvirt.git

nwfilter: Do not require DHCP requests to be broadcasted

Remove the requirement that DHCP messages have to be broadcasted.
DHCP requests are most often sent via broadcast but can be directed
towards a specific DHCP server. For example 'dhclient' takes '-s <server>'
as a command line parameter thus allowing DHCP requests to be sent to a
specific DHCP server.
---

diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index d8b1e9798a..9c244be41c 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -3245,9 +3245,8 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
 
     virBufferAsprintf(&buf,
                       CMD_DEF("$EBT -t nat -A %s"
-                              " -s %s -d Broadcast "
+                              " -s %s"
                               " -p ipv4 --ip-protocol udp"
-                              " --ip-src 0.0.0.0 --ip-dst 255.255.255.255"
                               " --ip-sport 68 --ip-dport 67"
                               " -j ACCEPT") CMD_SEPARATOR
                       CMD_EXEC