From 13f4ff0cdb8dbf8530283d9f31037eb1f0cccde9 Mon Sep 17 00:00:00 2001
From: atwardowski <adam.twardowski@gmail.com>
Date: Thu, 8 Aug 2013 13:44:29 -0400
Subject: [PATCH] Update OpenvSwitch.rb

Block ARP cache poisoning in openvswitch
---
 src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb b/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
index 304327d5d1..c731aee9ca 100644
--- a/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
+++ b/src/vnm_mad/remotes/ovswitch/OpenvSwitch.rb
@@ -80,6 +80,8 @@ class OpenvSwitchVLAN < OpenNebulaNetwork
     end
 
     def mac_spoofing
+        add_flow("in_port=#{port},arp,dl_src=#{@nic[:mac]}",:drop,45000)
+        add_flow("in_port=#{port},arp,dl_src=#{@nic[:mac]},nw_src=#{@nic[:ip]}",:normal,46000)
         add_flow("in_port=#{port},dl_src=#{@nic[:mac]}",:normal,40000)
         add_flow("in_port=#{port}",:drop,39000)
     end