From 12634953dc3de00dccd62f10e885bb5fa0842482 Mon Sep 17 00:00:00 2001 From: dlg Date: Tue, 21 Oct 2025 05:09:32 +0000 Subject: [PATCH] add a LOCKED flag to bridge (actually just veb) ports. this will specify that the mac address for frames received by these ports must have an entry in the fib/address cache pointing at the same interface. this is modelled on the "locked" lladdr config in vm.conf. --- sys/net/if_bridge.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/net/if_bridge.h b/sys/net/if_bridge.h index 6fa74c878ad..2e0c40589a7 100644 --- a/sys/net/if_bridge.h +++ b/sys/net/if_bridge.h @@ -1,4 +1,4 @@ -/* $OpenBSD: if_bridge.h,v 1.73 2021/11/11 10:03:10 claudio Exp $ */ +/* $OpenBSD: if_bridge.h,v 1.74 2025/10/21 05:09:32 dlg Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -74,6 +74,7 @@ struct ifbreq { #define IFBIF_BSTP_AUTOPTP 0x0080 /* member stp autoptp enabled */ #define IFBIF_SPAN 0x0100 /* ifs is a span port (ro) */ #define IFBIF_LOCAL 0x1000 /* local port in switch(4) */ +#define IFBIF_LOCKED 0x2000 /* restrict rx src mac with fib */ #define IFBIF_RO_MASK 0x0f00 /* read only bits */ /* SIOCBRDGFLUSH */