Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.82.2.2.4.1 retrieving revision 1.92.2.1 diff -u -p -r1.82.2.2.4.1 -r1.92.2.1 --- src/sys/netinet/ip_input.c 1999/06/28 06:37:00 1.82.2.2.4.1 +++ src/sys/netinet/ip_input.c 1999/12/27 18:36:16 1.92.2.1 @@ -1,4 +1,33 @@ -/* $NetBSD: ip_input.c,v 1.82.2.2.4.1 1999/06/28 06:37:00 itojun Exp $ */ +/* $NetBSD: ip_input.c,v 1.92.2.1 1999/12/27 18:36:16 wrstuden Exp $ */ + +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -38,35 +67,6 @@ */ /* - * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* * Copyright (c) 1982, 1986, 1988, 1993 * The Regents of the University of California. All rights reserved. * @@ -103,6 +103,7 @@ #include "opt_gateway.h" #include "opt_pfil_hooks.h" +#include "opt_ipsec.h" #include "opt_mrouting.h" #include @@ -140,8 +141,6 @@ #ifdef IPSEC #include -#include -#include #include #include #endif @@ -398,6 +397,14 @@ ip_input(struct mbuf *m) } ip = mtod(m, struct ip *); } + /* + * we drop packets that have a multicast address as source + * as wanted by rfc 1112 + */ + if (IN_MULTICAST(ip->ip_src.s_addr)) { + goto bad; + } + if (in_cksum(m, hlen) != 0) { ipstat.ips_badsum++; goto bad; @@ -413,8 +420,7 @@ ip_input(struct mbuf *m) /* * Check for additional length bogosity */ - if (len < hlen) - { + if (len < hlen) { ipstat.ips_badlen++; goto bad; } @@ -437,11 +443,16 @@ ip_input(struct mbuf *m) m_adj(m, len - m->m_pkthdr.len); } +#ifdef IPSEC + /* ipflow (IP fast fowarding) is not compatible with IPsec. */ + m->m_flags &= ~M_CANFASTFWD; +#else /* * Assume that we can create a fast-forward IP flow entry * based on this packet. */ m->m_flags |= M_CANFASTFWD; +#endif #ifdef PFIL_HOOKS /* @@ -1293,7 +1304,7 @@ ip_forward(m, srcrt) ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ip->ip_ttl); #endif - if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) { + if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) { ipstat.ips_cantforward++; m_freem(m); return; @@ -1537,7 +1548,7 @@ ip_sysctl(name, namelen, oldp, oldlenp, void *newp; size_t newlen; { - extern int subnetsarelocal; + extern int subnetsarelocal, hostzeroisbroadcast; int error, old; @@ -1629,11 +1640,15 @@ ip_sysctl(name, namelen, oldp, oldlenp, return (error); } #endif + case IPCTL_HOSTZEROBROADCAST: + return (sysctl_int(oldp, oldlenp, newp, newlen, + &hostzeroisbroadcast)); #if NGIF > 0 case IPCTL_GIF_TTL: return(sysctl_int(oldp, oldlenp, newp, newlen, - &gif_ttl)); + &ip_gif_ttl)); #endif + default: return (EOPNOTSUPP); }