1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
--- linux/net/bridge/netfilter/ebtables.c Fri May 3 20:37:08 2002
+++ ebt2.0pre5.001/net/bridge/netfilter/ebtables.c Fri May 3 20:28:46 2002
@@ -124,17 +124,26 @@
(point->logical_out), &out->br_port->br->dev), EBT_ILOGICALOUT))
) {
- if ( (point->bitmask & EBT_SOURCEMAC) &&
- FWINV(!!memcmp(point->sourcemac,
- ((**pskb).mac.ethernet)->h_source, ETH_ALEN),
- EBT_ISOURCE) )
- goto letscontinue;
+ char hlpmac[6];
+ int j;
- if ( (point->bitmask & EBT_DESTMAC) &&
- FWINV(!!memcmp(point->destmac,
- ((**pskb).mac.ethernet)->h_dest, ETH_ALEN),
- EBT_IDEST) )
- goto letscontinue;
+ if (point->bitmask & EBT_SOURCEMAC) {
+ for (j = 0; j < 6; j++)
+ hlpmac[j] = ((**pskb).mac.ethernet)->
+ h_source[j] & point->sourcemsk[j];
+ if (FWINV(!!memcmp(point->sourcemac, hlpmac,
+ ETH_ALEN), EBT_ISOURCE) )
+ goto letscontinue;
+ }
+
+ if (point->bitmask & EBT_DESTMAC) {
+ for (j = 0; j < 6; j++)
+ hlpmac[j] = ((**pskb).mac.ethernet)->
+ h_dest[j] & point->destmsk[j];
+ if (FWINV(!!memcmp(point->destmac, hlpmac,
+ ETH_ALEN), EBT_IDEST) )
+ goto letscontinue;
+ }
if (EBT_MATCH_ITERATE(point, ebt_do_match, *pskb, in,
out, counter_base + i) != 0)
--- linux/include/linux/netfilter_bridge/ebtables.h Fri May 3 20:37:08 2002
+++ ebt2.0pre5.001/include/linux/netfilter_bridge/ebtables.h Thu May 2 19:01:09 2002
@@ -136,7 +136,9 @@
// the logical out-dev
__u8 logical_out[IFNAMSIZ];
__u8 sourcemac[ETH_ALEN];
+ __u8 sourcemsk[ETH_ALEN];
__u8 destmac[ETH_ALEN];
+ __u8 destmsk[ETH_ALEN];
// sizeof ebt_entry + matches
__u16 watchers_offset;
// sizeof ebt_entry + matches + watchers
|
