diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2005-01-18 22:25:39 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2005-01-18 22:25:39 +0000 |
| commit | c57408e4aab7a5e8adc1770400fc3620b0a6625e (patch) | |
| tree | 7a676a1b4c688a8a708a78c62da20f378b164ee1 /sys/netinet | |
| parent | e2ce96546d0bd4f516346dcefcd8d8ba46d78e18 (diff) | |
Use correct source address for ICMP errors generated from packets that were
not addressed to the machine. If the destination is not a local address do a
route lookup for the original source address and use the returned interface
address. This solves problems seen on interfaces with multiple networks
defined. OK henning@ markus@
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/ip_icmp.c | 18 |
1 files changed, 7 insertions, 11 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index 0b9889fa983..8b31921e74d 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_icmp.c,v 1.65 2004/06/22 07:35:20 cedric Exp $ */ +/* $OpenBSD: ip_icmp.c,v 1.66 2005/01/18 22:25:38 claudio Exp $ */ /* $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $ */ /* @@ -627,9 +627,8 @@ icmp_reflect(struct mbuf *m) ip->ip_dst = ip->ip_src; /* * If the incoming packet was addressed directly to us, - * use dst as the src for the reply. Otherwise (broadcast - * or anonymous), use the address which corresponds - * to the incoming interface. + * use dst as the src for the reply. For broadcast, use + * the address which corresponds to the incoming interface. */ for (ia = in_ifaddr.tqh_first; ia; ia = ia->ia_list.tqe_next) { if (t.s_addr == ia->ia_addr.sin_addr.s_addr) @@ -638,13 +637,10 @@ icmp_reflect(struct mbuf *m) t.s_addr == ia->ia_broadaddr.sin_addr.s_addr) break; } - icmpdst.sin_addr = t; - if ((ia == (struct in_ifaddr *)0) && (m->m_pkthdr.rcvif != NULL)) - ia = ifatoia(ifaof_ifpforaddr(sintosa(&icmpdst), - m->m_pkthdr.rcvif)); /* - * The following happens if the packet was not addressed to us, - * and was received on an interface with no IP address. + * The following happens if the packet was not addressed to us. + * Use the new source address and do a route lookup. If it fails + * drop the packet as there is no path to the host. */ if (ia == (struct in_ifaddr *)0) { struct sockaddr_in *dst; @@ -654,7 +650,7 @@ icmp_reflect(struct mbuf *m) dst = satosin(&ro.ro_dst); dst->sin_family = AF_INET; dst->sin_len = sizeof(*dst); - dst->sin_addr = t; + dst->sin_addr = ip->ip_src; rtalloc(&ro); if (ro.ro_rt == 0) { |