Date: Thu, 13 Mar 2008 20:58:25 -0400 From: James Snow <snow@teardrop.org> To: freebsd-net@FreeBSD.org Subject: Re: [PATCH] kern/120958: no response to ICMP traffic on interface configured with a link-local address Message-ID: <20080314005825.GD92537@teardrop.org> In-Reply-To: <20080314004007.GC92537@teardrop.org> References: <200802222124.m1MLO7qq012802@freefall.freebsd.org> <47BF46DC.6030700@FreeBSD.org> <20080314004007.GC92537@teardrop.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--VywGB/WGlW4DM4P8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Thu, Mar 13, 2008 at 08:40:07PM -0400, James Snow wrote:
>
> Also, I took a cue from the IN_LINKLOCAL() macro and added two new
> macros to sys/netinet/in.h to perform checks for the loopback network
> and the "zero" network. IN_LOOPBACK() and IN_ZERONET(), respectively.
Woops. I suppose the macros are more useful when they're actually
called.
Attached is a revised patch that performs the check for loopback
addresses less than twice but more than never.
-Snow
--VywGB/WGlW4DM4P8
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="link-local-icmp-revised.patch"
diff -ru src/sys/netinet/in.h src.new/sys/netinet/in.h
--- src/sys/netinet/in.h 2007-06-12 16:24:53.000000000 +0000
+++ src.new/sys/netinet/in.h 2008-03-13 10:44:29.000000000 +0000
@@ -379,6 +379,8 @@
#define IN_BADCLASS(i) (((u_int32_t)(i) & 0xf0000000) == 0xf0000000)
#define IN_LINKLOCAL(i) (((u_int32_t)(i) & 0xffff0000) == 0xa9fe0000)
+#define IN_LOOPBACK(i) (((u_int32_t)(i) & 0xff000000) == 0x7f000000)
+#define IN_ZERONET(i) (((u_int32_t)(i) & 0xff000000) == 0)
#define IN_PRIVATE(i) ((((u_int32_t)(i) & 0xff000000) == 0x0a000000) || \
(((u_int32_t)(i) & 0xfff00000) == 0xac100000) || \
diff -ru src/sys/netinet/ip_icmp.c src.new/sys/netinet/ip_icmp.c
--- src/sys/netinet/ip_icmp.c 2007-10-07 20:44:23.000000000 +0000
+++ src.new/sys/netinet/ip_icmp.c 2008-03-14 00:47:44.000000000 +0000
@@ -622,13 +622,15 @@
struct mbuf *opts = 0;
int optlen = (ip->ip_hl << 2) - sizeof(struct ip);
- if (!in_canforward(ip->ip_src) &&
- ((ntohl(ip->ip_src.s_addr) & IN_CLASSA_NET) !=
- (IN_LOOPBACKNET << IN_CLASSA_NSHIFT))) {
+ if (IN_MULTICAST(ntohl(ip->ip_src.s_addr)) ||
+ IN_EXPERIMENTAL(ntohl(ip->ip_src.s_addr)) ||
+ IN_LOOPBACK(ntohl(ip->ip_src.s_addr)) ||
+ IN_ZERONET(ntohl(ip->ip_src.s_addr)) ) {
m_freem(m); /* Bad return address */
icmpstat.icps_badaddr++;
goto done; /* Ip_output() will check for broadcast */
}
+
t = ip->ip_dst;
ip->ip_dst = ip->ip_src;
--VywGB/WGlW4DM4P8--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080314005825.GD92537>