
libvirt-utils-0.8.0-2mdv2010.1.x86_64.rpm

<filter name="no-arp-spoofing" chain="arp">
  <uuid>f88f1932-debf-4aa1-9fbe-f10d3aa4bc95</uuid>

  <!--
    ARP anti-spoofing filter for a guest network interface, attached to
    the 'arp' chain. $MAC and $IP are filter variables; judging by the
    rules below they are expected to hold the guest's own MAC and IP
    address. Rules with a lower priority value are applied first, so the
    spoofing drops (400) come before the opcode accepts (500) and the
    final catch-all drop (1000).
    NOTE(review): only ARP is handled here; source addresses of non-ARP
    traffic are presumably left to other filters. Confirm which ones are
    referenced alongside this one.
  -->

  <!-- outgoing: drop ARP whose sender MAC is not the guest's MAC -->
  <rule action="drop" direction="out" priority="400">
    <arp match="no" arpsrcmacaddr="$MAC"/>
  </rule>

  <!-- outgoing: drop ARP whose sender IP is not the guest's IP -->
  <rule action="drop" direction="out" priority="400">
    <arp match="no" arpsrcipaddr="$IP"/>
  </rule>

  <!--
    incoming: drop ARP whose target MAC is not the guest's MAC.
    NOTE(review): this rule has two <arp> children; presumably both
    conditions are combined so that only replies are affected. Confirm
    against the nwfilter parser of the libvirt version in use.
  -->
  <rule action="drop" direction="in" priority="400">
    <arp match="no" arpdstmacaddr="$MAC"/>
    <arp opcode="reply"/>
  </rule>

  <!-- incoming: drop ARP whose target IP is not the guest's IP -->
  <rule action="drop" direction="in" priority="400">
    <arp match="no" arpdstipaddr="$IP"/>
  </rule>

  <!-- of what is left, accept only ARP requests and ARP replies -->
  <rule action="accept" direction="inout" priority="500">
    <arp opcode="request"/>
  </rule>
  <rule action="accept" direction="inout" priority="500">
    <arp opcode="reply"/>
  </rule>

  <!-- default: drop everything that no rule above accepted -->
  <rule action="drop" direction="inout" priority="1000"/>
</filter>