3 files changed, 16 insertions, 20 deletions

diff --git a/node/Constants.hpp b/node/Constants.hpp
index 4bca7d29..dc36b3a1 100644
--- a/node/Constants.hpp
+++ b/node/Constants.hpp
@@ -286,6 +286,9 @@
 
 /**
  * Delay between requests for updated network autoconf information
+ *
+ * Don't lengthen this as it affects things like QoS / uptime monitoring
+ * via ZeroTier Central. This is the heartbeat, basically.
  */
 #define ZT_NETWORK_AUTOCONF_DELAY 60000
 
diff --git a/node/NetworkConfig.cpp b/node/NetworkConfig.cpp
index aab9a650..090648f8 100644
--- a/node/NetworkConfig.cpp
+++ b/node/NetworkConfig.cpp
@@ -56,16 +56,10 @@ NetworkConfig NetworkConfig::createTestNetworkConfig(const Address &self)
 	nc._type = ZT_NETWORK_TYPE_PUBLIC;
 	nc._enableBroadcast = true;
 
-	nc._rules[nc._ruleCount].ruleNo = 0;
-	nc._rules[nc._ruleCount].vlanId = -1;
-	nc._rules[nc._ruleCount].vlanPcp = -1;
-	nc._rules[nc._ruleCount].etherType = -1;
-	nc._rules[nc._ruleCount].ipTos = -1;
-	nc._rules[nc._ruleCount].ipProtocol = -1;
-	nc._rules[nc._ruleCount].ipSourcePort = -1;
-	nc._rules[nc._ruleCount].ipDestPort = -1;
-	nc._rules[nc._ruleCount].action = ZT_NETWORK_RULE_ACTION_ACCEPT;
-	++nc._ruleCount;
+	nc._rules[nc._ruleCount].ruleNo = 1;
+	nc._rules[nc._ruleCount].matches = (uint8_t)ZT_NETWORK_RULE_MATCHES_ALL;
+	nc._rules[nc._ruleCount].action = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT;
+	nc._ruleCount = 1;
 
 	Utils::snprintf(nc._name,sizeof(nc._name),"ZT_TEST_NETWORK");
 
@@ -213,14 +207,9 @@ void NetworkConfig::fromDictionary(const Dictionary &d)
 		if (_ruleCount < ZT_MAX_NETWORK_RULES) {
 			memset(&(_rules[_ruleCount]),0,sizeof(ZT_VirtualNetworkRule));
 			_rules[_ruleCount].ruleNo = rno; rno += 10;
-			_rules[_ruleCount].vlanId = -1;
-			_rules[_ruleCount].vlanPcp = -1;
-			_rules[_ruleCount].etherType = (et2 == 0) ? -1 : (int)et2;
-			_rules[_ruleCount].ipTos = -1;
-			_rules[_ruleCount].ipProtocol = -1;
-			_rules[_ruleCount].ipSourcePort = -1;
-			_rules[_ruleCount].ipDestPort = -1;
-			_rules[_ruleCount].action = ZT_NETWORK_RULE_ACTION_ACCEPT;
+			_rules[_ruleCount].matches = (uint8_t)((et2 == 0) ? ZT_NETWORK_RULE_MATCHES_ALL : ZT_NETWORK_RULE_MATCHES_ETHERTYPE);
+			_rules[_ruleCount].action = (uint8_t)ZT_NETWORK_RULE_ACTION_ACCEPT;
+			_rules[_ruleCount].datum.etherType = (uint16_t)et2;
 			++_ruleCount;
 		}
 	}
diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp
index c3cc9cd4..0ed7b6a2 100644
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@@ -133,8 +133,12 @@ public:
 	inline bool permitsEtherType(unsigned int etherType) const
 	{
 		for(unsigned int i=0;i<_ruleCount;++i) {
-			if ((_rules[i].etherType < 0)||((unsigned int)_rules[i].etherType == etherType))
-				return (_rules[i].action == ZT_NETWORK_RULE_ACTION_ACCEPT);
+			if ((ZT_VirtualNetworkRuleMatches)_rules[i].matches == ZT_NETWORK_RULE_MATCHES_ETHERTYPE) {
+				if (_rules[i].datum.etherType == etherType)
+					return ((ZT_VirtualNetworkRuleAction)_rules[i].action == ZT_NETWORK_RULE_ACTION_ACCEPT);
+			} else if ((ZT_VirtualNetworkRuleMatches)_rules[i].matches == ZT_NETWORK_RULE_MATCHES_ALL) {
+				return ((ZT_VirtualNetworkRuleAction)_rules[i].action == ZT_NETWORK_RULE_ACTION_ACCEPT);
+			}
 		}
 		return false;
 	}