This make it possible to prevent port flooding by simply disabling the discover bit per interface. --- sys/net/if_veb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/net/if_veb.c b/sys/net/if_veb.c index c5f865b7154..58d48312e41 100644 --- a/sys/net/if_veb.c +++ b/sys/net/if_veb.c @@ -985,7 +985,7 @@ veb_broadcast(struct veb_softc *sc, struct veb_port *rp, struct mbuf *m0, continue; } - if (!ISSET(tp->p_bif_flags, IFBIF_DISCOVER) && + if (!ISSET(tp->p_bif_flags, IFBIF_DISCOVER) || !ISSET(m0->m_flags, M_BCAST | M_MCAST)) { /* don't flood unknown unicast */ continue; --