Revision 2cf27346 kvm-vif-bridge

b/kvm-vif-bridge
19 19
  TABLE=$LINK
20 20
  ip link set $INTERFACE addr $TAP_CONSTANT_MAC up
21 21
  INDEV=$INTERFACE
22
  DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
22
  # DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"
23 23
elif [ "$MODE" = "bridged" ]; then
24 24
  ip link set $INTERFACE up
25 25
  brctl addif $BRIDGE $INTERFACE
26 26
  INDEV=$BRIDGE
27
  try init_ebtables
28 27
  # nfdhcpd creates responses with src mac the mac of indec
29 28
  INDEV_MAC=$(cat /sys/class/net/$INDEV/address)
30
  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
29
  # DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"
31 30
fi
32 31

  
33 32

  
......
40 39
  ;;
41 40
  $NFDHCPD_TAG)
42 41
    # Drop unicast BOOTP/DHCP packets
43
    $DROPDHCPREQCMD
42
    # $DROPDHCPREQCMD
44 43
    try setup_nfdhcpd
45 44
  ;;
46 45
  $MAC_FILTERED_TAG)
46
    try init_ebtables
47 47
    try setup_ebtables
48 48
  ;;
49 49
  $MASQ_TAG)

Also available in: Unified diff