summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2005-01-18 22:25:39 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2005-01-18 22:25:39 +0000
commitc57408e4aab7a5e8adc1770400fc3620b0a6625e (patch)
tree7a676a1b4c688a8a708a78c62da20f378b164ee1
parente2ce96546d0bd4f516346dcefcd8d8ba46d78e18 (diff)
Use correct source address for ICMP errors generated from packets that were
not addressed to the machine. If the destination is not a local address do a route lookup for the original source address and use the returned interface address. This solves problems seen on interfaces with multiple networks defined. OK henning@ markus@
-rw-r--r--sys/netinet/ip_icmp.c18
1 files changed, 7 insertions, 11 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index 0b9889fa983..8b31921e74d 100644
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_icmp.c,v 1.65 2004/06/22 07:35:20 cedric Exp $ */
+/* $OpenBSD: ip_icmp.c,v 1.66 2005/01/18 22:25:38 claudio Exp $ */
/* $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $ */
/*
@@ -627,9 +627,8 @@ icmp_reflect(struct mbuf *m)
ip->ip_dst = ip->ip_src;
/*
* If the incoming packet was addressed directly to us,
- * use dst as the src for the reply. Otherwise (broadcast
- * or anonymous), use the address which corresponds
- * to the incoming interface.
+ * use dst as the src for the reply. For broadcast, use
+ * the address which corresponds to the incoming interface.
*/
for (ia = in_ifaddr.tqh_first; ia; ia = ia->ia_list.tqe_next) {
if (t.s_addr == ia->ia_addr.sin_addr.s_addr)
@@ -638,13 +637,10 @@ icmp_reflect(struct mbuf *m)
t.s_addr == ia->ia_broadaddr.sin_addr.s_addr)
break;
}
- icmpdst.sin_addr = t;
- if ((ia == (struct in_ifaddr *)0) && (m->m_pkthdr.rcvif != NULL))
- ia = ifatoia(ifaof_ifpforaddr(sintosa(&icmpdst),
- m->m_pkthdr.rcvif));
/*
- * The following happens if the packet was not addressed to us,
- * and was received on an interface with no IP address.
+ * The following happens if the packet was not addressed to us.
+ * Use the new source address and do a route lookup. If it fails
+ * drop the packet as there is no path to the host.
*/
if (ia == (struct in_ifaddr *)0) {
struct sockaddr_in *dst;
@@ -654,7 +650,7 @@ icmp_reflect(struct mbuf *m)
dst = satosin(&ro.ro_dst);
dst->sin_family = AF_INET;
dst->sin_len = sizeof(*dst);
- dst->sin_addr = t;
+ dst->sin_addr = ip->ip_src;
rtalloc(&ro);
if (ro.ro_rt == 0) {