diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2018-02-05 03:51:54 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2018-02-05 03:51:54 +0000 |
| commit | be6aca0ee5f7ec7447bd29386779f28aaec789b9 (patch) | |
| tree | 4ecdb65a7af8a6491139e5f76bc3927bf26557a6 /sys/net/if_bridge.c | |
| parent | 3f34caf6f085b048f9120760ab183eac832941bf (diff) | |
implement an arp filter
allows arp (and rarp) requests and replies to be matched, including matching
based on the source and target host and protocol adresses, and thus control
over arp traffic and learning.
written for medical x-ray machines, but useful in many spread out L2 networks
ok claudio benno
Diffstat (limited to 'sys/net/if_bridge.c')
| -rw-r--r-- | sys/net/if_bridge.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index fa37dfd12e9..a54f5babd5d 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_bridge.c,v 1.301 2018/01/10 23:50:39 dlg Exp $ */ +/* $OpenBSD: if_bridge.c,v 1.302 2018/02/05 03:51:53 henning Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -699,6 +699,7 @@ bridge_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa, struct ether_addr *dst; struct bridge_softc *sc; struct bridge_tunneltag *brtag; + struct bridge_iflist *ifl; int error; /* ifp must be a member interface of the bridge. */ @@ -785,6 +786,12 @@ bridge_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *sa, } } + ifl = (struct bridge_iflist *)dst_if->if_bridgeport; + KASSERT(ifl != NULL); + if (bridge_filterrule(&ifl->bif_brlout, eh, mc) == + BRL_ACTION_BLOCK) + continue; + error = bridge_ifenqueue(sc, dst_if, mc); if (error) continue; |