From a9ba3a856d8e84f4c32bcfa2b92727b7add4996c Mon Sep 17 00:00:00 2001
From: aliguori <aliguori@c046a42c-6fe2-441c-8c8c-71466251a162>
Date: Thu, 8 Jan 2009 19:24:00 +0000
Subject: Add slirp_restrict option (Gleb Natapov)

Add "slirp firewall" to permit connection only to vmchannel addresses.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>



git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6241 c046a42c-6fe2-441c-8c8c-71466251a162
---
 slirp/bootp.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

(limited to 'slirp/bootp.c')

diff --git a/slirp/bootp.c b/slirp/bootp.c
index 750fae3d05..bf704abf52 100644
--- a/slirp/bootp.c
+++ b/slirp/bootp.c
@@ -219,16 +219,18 @@ static void bootp_reply(struct bootp_t *bp)
         *q++ = 0xff;
         *q++ = 0x00;
 
-        *q++ = RFC1533_GATEWAY;
-        *q++ = 4;
-        memcpy(q, &saddr.sin_addr, 4);
-        q += 4;
-
-        *q++ = RFC1533_DNS;
-        *q++ = 4;
-        dns_addr.s_addr = htonl(ntohl(special_addr.s_addr) | CTL_DNS);
-        memcpy(q, &dns_addr, 4);
-        q += 4;
+        if (!slirp_restrict) {
+            *q++ = RFC1533_GATEWAY;
+            *q++ = 4;
+            memcpy(q, &saddr.sin_addr, 4);
+            q += 4;
+
+            *q++ = RFC1533_DNS;
+            *q++ = 4;
+            dns_addr.s_addr = htonl(ntohl(special_addr.s_addr) | CTL_DNS);
+            memcpy(q, &dns_addr, 4);
+            q += 4;
+        }
 
         *q++ = RFC2132_LEASE_TIME;
         *q++ = 4;
-- 
cgit v1.2.3