summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorPaul de Weerd <weerd@cvs.openbsd.org>2010-11-04 23:07:16 +0000
committerPaul de Weerd <weerd@cvs.openbsd.org>2010-11-04 23:07:16 +0000
commit276c0fdc008c9390231e1a6fb7bfba5c4322efe4 (patch)
treed627a4cebb6b7ce29134f0e0a7d8ebfa2b3de8cc /sys
parent2ddf68e9fdece68c6dd3b4aff4fcaedf6906b38b (diff)
Filter out reserved destination MAC addresses (01:80:C2:00:00:0x) as
per the 802.1D-2004 spec. With lots of help and guidance (and some nagging) from claudio. Tested with net/ladvd port on i386 and amd64. 'be a man' claudio@, ok mpf@
Diffstat (limited to 'sys')
-rw-r--r--sys/net/if_bridge.c23
1 files changed, 18 insertions, 5 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index 936980e3a2d..b8b0b652e70 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_bridge.c,v 1.187 2010/10/31 15:14:30 mpf Exp $ */
+/* $OpenBSD: if_bridge.c,v 1.188 2010/11/04 23:07:15 weerd Exp $ */
/*
* Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
@@ -1415,10 +1415,23 @@ bridge_input(struct ifnet *ifp, struct ether_header *eh, struct mbuf *m)
bridge_span(sc, eh, m);
if (m->m_flags & (M_BCAST | M_MCAST)) {
- /* Tap off 802.1D packets, they do not get forwarded */
- if (bcmp(eh->ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN) == 0) {
- bstp_input(sc->sc_stp, ifl->bif_stp, eh, m);
- return (NULL);
+ /*
+ * Reserved destination MAC addresses (01:80:C2:00:00:0x)
+ * should not be forwarded to bridge members according to
+ * section 7.12.6 of the 802.1D-2004 specification. The
+ * STP destination address (as stored in bstp_etheraddr)
+ * is the first of these.
+ */
+ if (bcmp(eh->ether_dhost, bstp_etheraddr, ETHER_ADDR_LEN - 1)
+ == 0) {
+ if (eh->ether_dhost[ETHER_ADDR_LEN - 1] == 0) {
+ /* STP traffic */
+ bstp_input(sc->sc_stp, ifl->bif_stp, eh, m);
+ return (NULL);
+ } else if (eh->ether_dhost[ETHER_ADDR_LEN - 1] <= 0xf) {
+ m_freem(m);
+ return (NULL);
+ }
}
/*