Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
gluon-ebtables-filter-multicast: do not filter out Bridge Loop Avoidance
batman-adv uses gratuitous ARP packets with certain target addresses for
BLA.

Fixes #1198
  • Loading branch information
neocturne committed Dec 27, 2017
1 parent 35237c2 commit f799518
Showing 1 changed file with 4 additions and 0 deletions.
@@ -1,3 +1,7 @@
# Bridge loop avoidance
rule 'MULTICAST_OUT -p ARP --arp-opcode Reply --arp-gratuitous --arp-mac-dst ff:43:05:00:00:00/ff:ff:ff:fc:00:00 -j RETURN'
rule 'MULTICAST_OUT -p ARP --arp-opcode Reply --arp-gratuitous --arp-mac-dst ff:43:05:05:00:00/ff:ff:ff:ff:00:00 -j RETURN'

rule 'MULTICAST_OUT -p ARP --arp-opcode Reply --arp-ip-src 0.0.0.0 -j DROP'
rule 'MULTICAST_OUT -p ARP --arp-opcode Request --arp-ip-dst 0.0.0.0 -j DROP'
rule 'MULTICAST_OUT -p ARP -j RETURN'

0 comments on commit f799518

Please sign in to comment.