| version 1.24, 2000/07/02 09:56:39 |
version 1.25, 2000/07/06 12:36:19 |
|
|
| (ip6_forward_rt.ro_rt->rt_flags & RTF_UP) != 0 && |
(ip6_forward_rt.ro_rt->rt_flags & RTF_UP) != 0 && |
| IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, |
IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, |
| &ip6_forward_rt.ro_dst.sin6_addr)) |
&ip6_forward_rt.ro_dst.sin6_addr)) |
| ; /* cache hit */ |
ip6stat.ip6s_forward_cachehit++; |
| else { |
else { |
| if (ip6_forward_rt.ro_rt) { |
if (ip6_forward_rt.ro_rt) { |
| /* route is down or destination is different */ |
/* route is down or destination is different */ |
| |
ip6stat.ip6s_forward_cachemiss++; |
| RTFREE(ip6_forward_rt.ro_rt); |
RTFREE(ip6_forward_rt.ro_rt); |
| ip6_forward_rt.ro_rt = 0; |
ip6_forward_rt.ro_rt = 0; |
| } |
} |
|
|
| return; |
return; |
| } |
} |
| |
|
| |
ip6 = mtod(m, struct ip6_hdr *); |
| |
|
| |
/* |
| |
* Malicious party may be able to use IPv4 mapped addr to confuse |
| |
* tcp/udp stack and bypass security checks (act as if it was from |
| |
* 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1). Be cautious. |
| |
* |
| |
* For SIIT end node behavior, you may want to disable the check. |
| |
* However, you will become vulnerable to attacks using IPv4 mapped |
| |
* source. |
| |
*/ |
| |
if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) || |
| |
IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) { |
| |
ip6stat.ip6s_badscope++; |
| |
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr); |
| |
goto bad; |
| |
} |
| |
|
| /* |
/* |
| * Tell launch routine the next header |
* Tell launch routine the next header |
| */ |
*/ |
![[BACK]](/icons/back.gif){kind=icon}
Return to ip6_input.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet6