-rw-r--r-- | sys/netinet/ip_input.c | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index f7457607ee8..f7797d04a28 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -45,6 +45,7 @@ #include <sys/errno.h> #include <sys/time.h> #include <sys/kernel.h> +#include <sys/syslog.h> #include <net/if.h> #include <net/route.h> @@ -69,6 +70,7 @@ #endif int ipforwarding = IPFORWARDING; int ipsendredirects = IPSENDREDIRECTS; +int ip_dosourceroute = 0; /* no source routing unless sysctl'd to enable */ int ip_defttl = IPDEFTTL; #ifdef DIAGNOSTIC int ipprintfs = 0; @@ -81,6 +83,18 @@ int ipqmaxlen = IFQ_MAXLEN; struct in_ifaddrhead in_ifaddr; struct ifqueue ipintrq; +char * +inet_ntoa(ina) + struct in_addr ina; +{ + static char buf[4*sizeof "123"]; + unsigned char *ucp = (unsigned char *)&ina; + + sprintf(buf, "%d.%d.%d.%d", ucp[0] & 0xff, ucp[1] & 0xff, + ucp[2] & 0xff, ucp[3] & 0xff); + return (buf); +} + /* * We need to save the IP options in case a protocol wants to respond * to an incoming packet over the same route if the packet got here @@ -690,6 +704,19 @@ ip_dooptions(m) save_rte(cp, ip->ip_src); break; } + + if (!ip_dosourceroute) { + char buf[4*sizeof "123"]; + + strcpy(buf, inet_ntoa(ip->ip_dst)); + log(LOG_WARNING, + "attempted source route from %s to %s\n", + inet_ntoa(ip->ip_src), buf); + type = ICMP_UNREACH; + code = ICMP_UNREACH_SRCFAIL; + goto bad; + } + /* * locate outgoing interface */ @@ -993,8 +1020,8 @@ ip_forward(m, srcrt) dest = 0; #ifdef DIAGNOSTIC if (ipprintfs) - printf("forward: src %x dst %x ttl %x\n", ip->ip_src, - ip->ip_dst, ip->ip_ttl); + printf("forward: src %lx dst %x ttl %x\n", ip->ip_src.s_addr, + ip->ip_dst.s_addr, ip->ip_ttl); #endif if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) { ipstat.ips_cantforward++; 
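Review bot: inet_ntoa() in the @@ -81 hunk returns a pointer to a function-static buffer, so a second call overwrites the first result, and that contract is not written down anywhere. The caller added in ip_dooptions already has to copy one result with strcpy before making the second call, which shows how easy it is to get wrong. I would add a header comment such as `/* Returns a pointer to a static buffer that the next call overwrites; copy the result before calling again. */`. The buffer is 16 bytes, exactly enough for "255.255.255.255" plus the terminator, so the sizing expression `4*sizeof "123"` deserves a one-line explanation too, because the unbounded sprintf relies on it.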
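Review bot: The new `log(LOG_WARNING, ...)` call in the @@ -690 hunk of ip_dooptions fires once per rejected packet, and the sender controls the packet rate, so the volume of log output is set by remote traffic rather than by the host. Throttling the message while still rejecting every packet keeps the drop behaviour and bounds the log volume; the sketch below assumes the kernel's `time` global is readable at this point. Separately, the check sits after the `save_rte(cp, ip->ip_src); break;` branch, so a source-routed packet whose route ends at this host appears to be accepted and its route saved even with ip_dosourceroute at 0, which is worth confirming as intended. ip_dooptions starts and ends outside the hunk.

```c
		if (!ip_dosourceroute) {
			static long lastlog;	/* tv_sec of the last warning */
			char buf[4*sizeof "123"];

			/* warn at most once per second; every packet is still rejected */
			if (time.tv_sec != lastlog) {
				lastlog = time.tv_sec;
				strcpy(buf, inet_ntoa(ip->ip_dst));
				log(LOG_WARNING,
				    "attempted source route from %s to %s\n",
				    inet_ntoa(ip->ip_src), buf);
			}
			/* … unchanged: type/code assignment and goto bad … */
		}
```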
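Review bot: The rewritten DIAGNOSTIC printf in ip_forward (the @@ -993 hunk) formats `ip->ip_src.s_addr` with `%lx` but `ip->ip_dst.s_addr` with `%x`, although both arguments have the same type, so one of the two conversions does not match its argument. Casting both makes the call independent of how s_addr is declared: `printf("forward: src %lx dst %lx ttl %x\n", (u_long)ip->ip_src.s_addr, (u_long)ip->ip_dst.s_addr, ip->ip_ttl);`. ip_forward's body continues outside the hunk.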
@@ -1139,6 +1166,8 @@ ip_sysctl(name, namelen, oldp, oldlenp, newp, newlen)
 case IPCTL_DEFMTU:
 return (sysctl_int(oldp, oldlenp, newp, newlen, &ip_mtu));
 #endif
+ case IPCTL_SOURCEROUTE:
+ return (sysctl_int(oldp, oldlenp, newp, newlen, &ip_dosourceroute));
 default:
 return (EOPNOTSUPP);
 } |
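Review bot: `IPCTL_SOURCEROUTE` is used in the ip_sysctl switch, but the diffstat lists only ip_input.c, so the constant's definition and its entry in the sysctl name table are not part of what is shown here. Presumably they live in a header changed separately, in which case the two changes need to land together. Because this knob re-enables forwarding of source-routed packets, a comment on the case would help, for example `/* nonzero permits forwarding of source-routed packets; default 0 */`. The switch statement starts outside the hunk.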