[pve-devel] [PATCH container v2 1/1] enforce unicast MAC for netconfig
Stoiko Ivanov
s.ivanov at proxmox.com
Mon Mar 11 22:50:14 CET 2019
having a container with a multicast mac (see [1]), prevents it from starting
(see [0,3]).
This patch adapts the regex for matching the mac_prefix to only allow even
second hexdigits in the first octet.
[0] https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html
[1] https://en.wikipedia.org/wiki/MAC_address
[2] https://pve.proxmox.com/pipermail/pve-devel/2019-March/035996.html
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
src/PVE/LXC/Config.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index 7762533..c45b339 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -604,7 +604,7 @@ our $netconf_desc = {
type => 'string',
format_description => "XX:XX:XX:XX:XX:XX",
description => 'The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)',
- pattern => qr/(?:[a-f0-9]{2}:){5}[a-f0-9]{2}/i,
+ pattern => qr/[a-f0-9][02468ace](?::[a-f0-9]{2}){5}/i,
optional => 1,
},
mtu => {
--
2.11.0
More information about the pve-devel
mailing list