summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
Diffstat (limited to 'sys')
-rw-r--r--sys/netinet/ip_input.c12
-rw-r--r--sys/netinet/ip_var.h3
2 files changed, 13 insertions, 2 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index f6474023c70..ad21ded43b5 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_input.c,v 1.61 2000/12/03 19:56:20 angelos Exp $ */
+/* $OpenBSD: ip_input.c,v 1.62 2001/03/03 01:00:19 itojun Exp $ */
/* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */
/*
@@ -372,6 +372,16 @@ ipv4_input(struct mbuf *m, ...)
}
ip = mtod(m, struct ip *);
}
+
+ /* 127/8 must not appear on wire - RFC1122 */
+ if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||
+ (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {
+ if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {
+ ipstat.ips_badaddr++;
+ goto bad;
+ }
+ }
+
if ((ip->ip_sum = in_cksum(m, hlen)) != 0) {
ipstat.ips_badsum++;
goto bad;
diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h
index cb39663c35d..4d005563a2b 100644
--- a/sys/netinet/ip_var.h
+++ b/sys/netinet/ip_var.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_var.h,v 1.14 2000/09/18 22:06:38 provos Exp $ */
+/* $OpenBSD: ip_var.h,v 1.15 2001/03/03 01:00:19 itojun Exp $ */
/* $NetBSD: ip_var.h,v 1.16 1996/02/13 23:43:20 christos Exp $ */
/*
@@ -146,6 +146,7 @@ struct ipstat {
u_long ips_rcvmemdrop; /* frags dropped for lack of memory */
u_long ips_toolong; /* ip length > max ip packet size */
u_long ips_nogif; /* no match gif found */
+ u_long ips_badaddr; /* invalid address on header */
};
#ifdef _KERNEL
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-14 02:45:21 +0000