From ca1c7d6ea0b64b17409e013a5259355862be976c Mon Sep 17 00:00:00 2001
From: Michael Schwarz <mschwar2@math.uni-paderborn.de>
Date: Fri, 13 Mar 2015 19:01:12 +0100
Subject: [PATCH] Improved ebtables rules

---
 .../files/lib/gluon/ebtables/110-ffpb-net-allow-ipv4-space    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ffpb/ffpb-ebtables-net-rules/files/lib/gluon/ebtables/110-ffpb-net-allow-ipv4-space b/ffpb/ffpb-ebtables-net-rules/files/lib/gluon/ebtables/110-ffpb-net-allow-ipv4-space
index a4dec2d..82e5c6f 100644
--- a/ffpb/ffpb-ebtables-net-rules/files/lib/gluon/ebtables/110-ffpb-net-allow-ipv4-space
+++ b/ffpb/ffpb-ebtables-net-rules/files/lib/gluon/ebtables/110-ffpb-net-allow-ipv4-space
@@ -1,2 +1,4 @@
+rule 'FFPB_NET_ONLY -p IPv4 --ip-protocol udp --ip-destination-port 67 -j RETURN'
 rule 'FFPB_NET_ONLY -p IPv4 --ip-src 10.132.0.0/17 -j RETURN'
-rule 'FFPB_NET_ONLY -p ARP --arp-ip-src 10.132.0.0/17 -j RETURN'
+rule 'FFPB_NET_ONLY -p ARP --arp-ip-src 10.132.0.0/17 --arp-ip-dst 10.132.0.0/17 -j RETURN'
+rule 'FFPB_NET_ONLY -p ARP --arp-ip-src 0.0.0.0./0 --arp-ip-dst 10.132.0.0/17 -j RETURN'
-- 
GitLab