- /* Allow ARP replies to the controller's IP. */
- init_rule(&rule, IBR_TO_CTL_ARP);
- set_dl_type(&rule, ETH_TYPE_ARP);
- set_nw_proto(&rule, ARP_OP_REPLY);
- set_nw_dst(&rule, remote_ip);
- cb(ib, &rule);
-
- /* Allow ARP requests from the controller's IP. */
- init_rule(&rule, IBR_FROM_CTL_ARP);
- set_dl_type(&rule, ETH_TYPE_ARP);
- set_nw_proto(&rule, ARP_OP_REQUEST);
- set_nw_src(&rule, remote_ip);
- cb(ib, &rule);
-
- /* OpenFlow traffic to the controller. */
- init_rule(&rule, IBR_TO_CTL_OFP);
- set_dl_type(&rule, ETH_TYPE_IP);
- set_nw_proto(&rule, IP_TYPE_TCP);
- set_nw_dst(&rule, remote_ip);
- set_tp_dst(&rule, OFP_TCP_PORT);
- cb(ib, &rule);
-
- /* OpenFlow traffic from the controller. */
- init_rule(&rule, IBR_FROM_CTL_OFP);
- set_dl_type(&rule, ETH_TYPE_IP);
- set_nw_proto(&rule, IP_TYPE_TCP);
- set_nw_src(&rule, remote_ip);
- set_tp_src(&rule, OFP_TCP_PORT);
- cb(ib, &rule);
+ if (!i
+ || a->sin_addr.s_addr != a[-1].sin_addr.s_addr
+ || a->sin_port != a[-1].sin_port) {
+ /* (h) Allow TCP traffic to the remote's IP and port. */
+ init_rule(&rule, IBR_TO_REMOTE_TCP);
+ set_dl_type(&rule, htons(ETH_TYPE_IP));
+ set_nw_proto(&rule, IP_TYPE_TCP);
+ set_nw_dst(&rule, a->sin_addr);
+ set_tp_dst(&rule, a->sin_port);
+ cb(ib, &rule);
+
+ /* (i) Allow TCP traffic from the remote's IP and port. */
+ init_rule(&rule, IBR_FROM_REMOTE_TCP);
+ set_dl_type(&rule, htons(ETH_TYPE_IP));
+ set_nw_proto(&rule, IP_TYPE_TCP);
+ set_nw_src(&rule, a->sin_addr);
+ set_tp_src(&rule, a->sin_port);
+ cb(ib, &rule);
+ }