Revision b0a87613 vif-custom
| b/vif-custom | ||
|---|---|---|
| 32 | 32 |
ip link set $INTERFACE up |
| 33 | 33 |
success |
| 34 | 34 |
INDEV=$INTERFACE |
| 35 |
DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP" |
|
| 36 | 35 |
elif [ "$MODE" = "bridged" ]; then |
| 37 | 36 |
ip link set $INTERFACE up |
| 38 | 37 |
BRIDGE=$(xenstore_read_default "$XENBUS_PATH/bridge" "$LINK") |
| 39 | 38 |
brctl addif $BRIDGE $INTERFACE |
| 40 | 39 |
success |
| 41 | 40 |
INDEV=$BRIDGE |
| 42 |
try init_ebtables |
|
| 43 |
# nfdhcpd creates responses with src mac the mac of indec |
|
| 44 |
INDEV_MAC=$(cat /sys/class/net/$INDEV/address) |
|
| 45 |
DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP" |
|
| 46 | 41 |
fi |
| 47 | 42 |
|
| 48 | 43 |
for tag in $NETWORK_TAGS; do |
| ... | ... | |
| 54 | 49 |
try send_garp |
| 55 | 50 |
;; |
| 56 | 51 |
$NFDHCPD_TAG) |
| 57 |
# Drop unicast BOOTP/DHCP packets |
|
| 58 |
$DROPDHCPREQCMD |
|
| 59 | 52 |
try setup_nfdhcpd |
| 60 | 53 |
;; |
| 61 | 54 |
$MAC_FILTERED_TAG) |
| 55 |
try init_ebtables |
|
| 62 | 56 |
try setup_ebtables |
| 63 | 57 |
;; |
| 64 | 58 |
$MASQ_TAG) |
Also available in: Unified diff