nwfilter: enable filtering of gratuitous ARP packets

This patch enables filtering of gratuitous ARP packets using the following XML: <rule action='accept' direction='in' priority='425'> <arp gratuitous='true'/> </rule>
2025-02-25 18:55:26 -06:00 · 2011-05-23 19:41:18 -04:00
parent 17266c5c68
commit fcb0e8c227
8 changed files with 68 additions and 2 deletions
--- a/docs/formatnwfilter.html.in
+++ b/docs/formatnwfilter.html.in
@@ -321,6 +321,7 @@
     <li>IPV6_ADDR: IPv6 address in numbers format, i.e., FFFF::1</li>
     <li>IPV6_MASK: IPv6 mask in numbers format (FFFF:FFFF:FC00::) or CIDR mask (0-128)</li>
     <li>STRING: A string</li>
+     <li>BOOLEAN: 'true', 'yes', '1' or 'false', 'no', '0'</li>
    </ul>
    <p>
     <br/><br/>
@@ -476,6 +477,11 @@
         <td>STRING</td>
         <td>text with max. 256 characters</td>
       </tr>
+       <tr>
+         <td>gratuitous <span class="since">(Since 0.9.2)</span></td>
+         <td>BOOLEAN</td>
+         <td>boolean indicating whether to check for gratuitous ARP packet</td>
+       </tr>
      </table>
    <p>
      Valid strings for the <code>Opcode</code> field are: