authorAngelos D. Keromytis <angelos@cvs.openbsd.org>1999-04-09 19:42:10 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>1999-04-09 19:42:10 +0000
commitc484101e1bc192709a5eda9420a1f3c50bc43cfd (patch)
treecf6ab436f26d3fea0e751c5e9e529e6d0cebccba /sys
parent8561b8edc0f4ea27b6c8a96a4241e23984aba302 (diff)
Check for local address spoofing on encapsulated packets.
Diffstat (limited to 'sys')
-rw-r--r--sys/netinet/ip_ip4.c33
1 files changed, 30 insertions, 3 deletions
diff --git a/sys/netinet/ip_ip4.c b/sys/netinet/ip_ip4.c
index af4eba0aee3..6337bb7b119 100644
--- a/sys/netinet/ip_ip4.c
+++ b/sys/netinet/ip_ip4.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ip4.c,v 1.26 1999/04/04 21:33:49 deraadt Exp $ */
+/* $OpenBSD: ip_ip4.c,v 1.27 1999/04/09 19:42:09 angelos Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -93,6 +93,9 @@ ip4_input(m, va_alist)
va_dcl
#endif
{
+ register struct ifnet *ifp;
+ register struct ifaddr *ifa;
+ register struct sockaddr_in *sin;
int iphlen;
struct ip *ipo, *ipi;
struct ifqueue *ifq = NULL;
@@ -137,7 +140,6 @@ ip4_input(m, va_alist)
}
ipi = (struct ip *) ((caddr_t) ipo + iphlen);
- ip4stat.ip4s_ibytes += ntohs(ipi->ip_len);
/*
* RFC 1853 specifies that the inner TTL should not be touched on
@@ -149,9 +151,34 @@ ip4_input(m, va_alist)
{
DPRINTF(("ip4_input(): wrong version %d on packet from %s to %s (%s->%s)\n", ipi->ip_v, inet_ntoa4(ipo->ip_src), inet_ntoa4(ipo->ip_dst), inet_ntoa4(ipi->ip_src), inet_ntoa4(ipi->ip_dst)));
ip4stat.ip4s_notip4++;
+ m_freem(m);
return;
}
-
+
+ /*
+ * Check for local address spoofing.
+ */
+ for (ifp = ifnet.tqh_first; ifp != 0; ifp = ifp->if_list.tqe_next)
+ for (ifa = ifp->if_addrlist.tqh_first;
+ ifa != 0;
+ ifa = ifa->ifa_list.tqe_next)
+ {
+ if (ifa->ifa_addr->sa_family != AF_INET)
+ continue;
+
+ sin = (struct sockaddr_in *) ifa->ifa_addr;
+
+ if (sin->sin_addr.s_addr == ipi->ip_src.s_addr)
+ {
+ DPRINTF(("ip_input(): possible local address spoofing detected on packet from %s to %s (%s->%s)\n", inet_ntoa4(ipo->ip_src), inet_ntoa4(ipo->ip_dst), inet_ntoa4(ipi->ip_src), inet_ntoa4(ipi->ip_dst)));
+ m_freem(m);
+ return;
+ }
+ }
+
+ /* Statistics */
+ ip4stat.ip4s_ibytes += ntohs(ipi->ip_len);
+
/*
* Interface pointer is already in first mbuf; chop off the
* `outer' header and reschedule.
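Review bot: The DPRINTF on the new spoof-drop path names the wrong function — it prints `ip_input():` while the sibling message in the wrong-version branch a few lines above says `ip4_input():`; change it to `DPRINTF(("ip4_input(): possible local address spoofing detected on packet from %s to %s (%s->%s)\n", ...));` so the log line can be traced to the decapsulation path. The drop is otherwise invisible to operators: the wrong-version path bumps `ip4stat.ip4s_notip4++`, but the spoof path only logs under DPRINTF, so a dedicated ip4stat counter incremented next to that `m_freem(m)` (name to be chosen, e.g. `ip4stat.ip4s_<spoof-counter>++`) would let netstat-style tooling show that spoofed inner sources are being rejected. The check also walks every address of every interface on each decapsulated packet; a single `ifa_ifwithaddr()` lookup on a sockaddr_in built from `ipi->ip_src` would do the same in one call, though it additionally matches interface broadcast addresses, which should be confirmed acceptable before switching. The `register` qualifiers on the three new locals in the declaration hunk above are inconsistent with the neighbouring `int iphlen;` and `struct ip *ipo, *ipi;`, which carry none. ip4_input() starts and ends outside this hunk.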