From 1c8f0cbb831ce43bf3269f1775b42a900d69ce47 Mon Sep 17 00:00:00 2001
From: Stefan Berger
Date: Wed, 21 Dec 2011 10:54:47 -0500
Subject: [PATCH] nwfilter: Do not require DHCP requests to be broadcasted

Remove the requirement that DHCP messages have to be broadcasted. DHCP requests are most often sent via broadcast but can be directed towards a specific DHCP server. For example 'dhclient' takes '-s ' as a command line parameter thus allowing DHCP requests to be sent to a specific DHCP server.
---
 src/nwfilter/nwfilter_ebiptables_driver.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c
index d8b1e9798a..9c244be41c 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -3245,9 +3245,8 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
 virBufferAsprintf(&buf, CMD_DEF("$EBT -t nat -A %s"
- " -s %s -d Broadcast "
+ " -s %s"
 " -p ipv4 --ip-protocol udp"
- " --ip-src 0.0.0.0 --ip-dst 255.255.255.255"
 " --ip-sport 68 --ip-dport 67" " -j ACCEPT") CMD_SEPARATOR CMD_EXEC
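Review bot: Removing `--ip-src 0.0.0.0` from the `$EBT -t nat -A %s` ACCEPT rule is not explained by the commit message, which argues only for allowing a unicast destination. With `-d Broadcast` and both IP matches gone, the rule matches on `-s %s` (presumably the guest MAC; the argument is outside the hunk) and the 68/67 UDP port pair alone, so while these DHCP-only rules are in effect the guest can emit such packets with any source IP to any destination. If that is intended, for example because a unicast request carries the client's own address as source, record it above the `virBufferAsprintf` call with a comment such as `/* DHCP requests may be unicast: match on source MAC and ports only; src/dst IP are deliberately unconstrained */`. It is also worth confirming that the full filter installed afterwards re-imposes the source-address restriction, since `ebtablesApplyDHCPOnlyRules` starts and ends outside this hunk and that cannot be checked from here.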