From 7c0cb69c297bdab4ffef4fb0e0cc5a349ca13f11 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 18 Nov 2011 07:07:51 -0800 Subject: [PATCH] Don't copy limited broadcast routes to provider tables Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Providers.pm | 37 ++++++++++++++++++++++----- 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index a6f5bc4a9..f2eb7fbef 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -155,9 +155,22 @@ sub copy_table( $$$ ) { emit ( ' case $net in', ' default)', ' ;;', - ' *)', - " run_ip route add table $number \$net \$route $realm", - ' ;;', + ' *)' ); + + if ( $family == F_IPV4 ) { + emit ( ' case $net in', + ' 255.255.255.255*)', + ' ;;', + ' *)', + " run_ip route add table $number \$net \$route $realm", + ' ;;', + ' esac', + ); + } else { + emit ( " run_ip route add table $number \$net \$route $realm" ); + } + + emit ( ' ;;', ' esac', "done\n" ); @@ -189,9 +202,21 @@ sub copy_and_edit_table( $$$$ ) { ' ;;', ' *)', ' case $(find_device $route) in', - " $copy)", - " run_ip route add table $number \$net \$route $realm", - ' ;;', + " $copy)" ); + if ( $family == F_IPV4 ) { + emit ( ' case $net in', + ' 255.255.255.255*)', + ' ;;', + ' *)', + " run_ip route add table $number \$net \$route $realm", + ' ;;', + ' esac', + ); + } else { + emit ( " run_ip route add table $number \$net \$route $realm" ); + } + + emit ( ' ;;', ' esac', ' ;;', ' esac',