From b58ab9abb9eb461992ef1377d1f1c19a0efd1f53 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Mon, 16 Mar 2015 19:17:40 +0100 Subject: [PATCH] ebtables-filter-mcast: drop ARPs to/from 0.0.0.0 Fixes https://github.com/freifunk-gluon/gluon/issues/311 --- .../files/lib/gluon/ebtables/110-mcast-allow-arp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-arp b/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-arp index 1083966d..8af1900a 100644 --- a/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-arp +++ b/package/gluon-ebtables-filter-multicast/files/lib/gluon/ebtables/110-mcast-allow-arp @@ -1 +1,3 @@ +rule 'MULTICAST_OUT -p ARP --arp-opcode Reply --arp-ip-src 0.0.0.0 -j DROP' +rule 'MULTICAST_OUT -p ARP --arp-opcode Request --arp-ip-dst 0.0.0.0 -j DROP' rule 'MULTICAST_OUT -p ARP -j RETURN'