diff options
| author | Ruslan Ermilov <ru@FreeBSD.org> | 2002-01-21 13:59:42 +0000 |
|---|---|---|
| committer | Ruslan Ermilov <ru@FreeBSD.org> | 2002-01-21 13:59:42 +0000 |
| commit | 8c3f5566ae88cb964dfde24b207227909192e3cb (patch) | |
| tree | 6cecccfcce8ba963366f38dec8a33a0d11d783df /sys | |
| parent | f4604902609affa2de5d6e17a392f99d6a5bd019 (diff) | |
| download | src-8c3f5566ae88cb964dfde24b207227909192e3cb.tar.gz src-8c3f5566ae88cb964dfde24b207227909192e3cb.zip | |
RFC1122 requires that addresses of the form { 127, <any> } MUST NOT
appear outside a host.
PR: 30792, 33996
Obtained from: ip_input.c
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=89614
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_output.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 6185db0f0705..af06486163d6 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -422,9 +422,19 @@ ip_output(m0, opt, ro, flags, imo) goto bad; } + /* 127/8 must not appear on wire - RFC1122. */ + if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || + (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { + if ((ifp->if_flags & IFF_LOOPBACK) == 0) { + ipstat.ips_badaddr++; + error = EADDRNOTAVAIL; + goto bad; + } + } + /* * Look for broadcast address and - * and verify user is allowed to send + * verify user is allowed to send * such a packet. */ if (isbroadcast) { |