diff options
| author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-08-29 09:20:25 +0000 |
|---|---|---|
| committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-08-29 09:20:25 +0000 |
| commit | acdf28e4af0668bd02acfb9c09978b5a51185049 (patch) | |
| tree | 861b85a63c2ed189072209926a20901b75af97b0 /sys/netinet6/ip6_mroute.c | |
| parent | b138784ef47d7e900668333d8af2d056aff742d5 (diff) | |
do not forward packets with unspecified source (::).
this is clarification made to rfc2460 recently. sync with kame.
Diffstat (limited to 'sys/netinet6/ip6_mroute.c')
| -rw-r--r-- | sys/netinet6/ip6_mroute.c | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/sys/netinet6/ip6_mroute.c b/sys/netinet6/ip6_mroute.c index 48b9cd4c087..db25d903a91 100644 --- a/sys/netinet6/ip6_mroute.c +++ b/sys/netinet6/ip6_mroute.c @@ -1,5 +1,5 @@ -/* $OpenBSD: ip6_mroute.c,v 1.5 2000/07/13 14:44:17 itojun Exp $ */ -/* $KAME: ip6_mroute.c,v 1.24 2000/05/19 07:37:05 jinmei Exp $ */ +/* $OpenBSD: ip6_mroute.c,v 1.6 2000/08/29 09:20:24 itojun Exp $ */ +/* $KAME: ip6_mroute.c,v 1.31 2000/08/23 03:20:05 itojun Exp $ */ /* * Copyright (C) 1998 WIDE Project. @@ -77,6 +77,8 @@ #include <netinet6/pim6.h> #include <netinet6/pim6_var.h> +#include <net/net_osdep.h> + #define M_HASCL(m) ((m)->m_flags & M_EXT) static int ip6_mdq __P((struct mbuf *, struct ifnet *, struct mf6c *)); @@ -927,6 +929,7 @@ ip6_mforward(ip6, ifp, m) register struct mbuf *mm; int s; mifi_t mifi; + long time_second = time.tv_sec; #ifdef MRT6DEBUG if (mrt6debug & DEBUG_FORWARD) @@ -945,10 +948,31 @@ ip6_mforward(ip6, ifp, m) ip6->ip6_hlim--; /* + * Source address check: do not forward packets with unspecified + * source. It was discussed in July 2000, on ipngwg mailing list. + * This is rather more serious than unicast cases, because some + * MLD packets can be sent with the unspecified source address + * (although such packets must normally set 1 to the hop limit field). + */ + if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { + ip6stat.ip6s_cantforward++; + if (ip6_log_time + ip6_log_interval < time_second) { + ip6_log_time = time_second; + log(LOG_DEBUG, + "cannot forward " + "from %s to %s nxt %d received on %s\n", + ip6_sprintf(&ip6->ip6_src), + ip6_sprintf(&ip6->ip6_dst), + ip6->ip6_nxt, + if_name(m->m_pkthdr.rcvif)); + } + return 0; + } + + /* * Determine forwarding mifs from the forwarding cache table */ s = splnet(); - MF6CFIND(ip6->ip6_src, ip6->ip6_dst, rt); /* Entry exists, so forward if necessary */ |