Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.82.2.2
retrieving revision 1.82.2.4
diff -u -p -r1.82.2.2 -r1.82.2.4
--- src/sys/netinet/ip_input.c	1999/05/03 22:22:42	1.82.2.2
+++ src/sys/netinet/ip_input.c	2000/02/12 18:10:24	1.82.2.4
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.82.2.2 1999/05/03 22:22:42 perry Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.82.2.4 2000/02/12 18:10:24 he Exp $	*/
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -340,6 +340,16 @@ next:
 		}
 		ip = mtod(m, struct ip *);
 	}
+
+	/*
+	 * RFC1122: packets with a multicast source address are
+	 * not allowed.
+	 */
+	if (IN_MULTICAST(ip->ip_src.s_addr)) {
+		/* XXX stat */
+		goto bad;
+	}
+
 	if (in_cksum(m, hlen) != 0) {
 		ipstat.ips_badsum++;
 		goto bad;
@@ -1227,7 +1237,7 @@ ip_forward(m, srcrt)
 		    ntohl(ip->ip_src.s_addr),
 		    ntohl(ip->ip_dst.s_addr), ip->ip_ttl);
 #endif
-	if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) {
+	if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) {
 		ipstat.ips_cantforward++;
 		m_freem(m);
 		return;