diff options
| author | guido <guido@FreeBSD.org> | 1998-02-16 19:23:58 +0000 |
|---|---|---|
| committer | guido <guido@FreeBSD.org> | 1998-02-16 19:23:58 +0000 |
| commit | 11fbae904270b422a9ad9544d95c00a56f74e51e (patch) | |
| tree | 85ff70e93b1762db61ccff30e92c917bf844db79 | |
| parent | 620810fd0c96fb2b15a15ba8c21d11892452e1d8 (diff) | |
| download | FreeBSD-src-11fbae904270b422a9ad9544d95c00a56f74e51e.zip FreeBSD-src-11fbae904270b422a9ad9544d95c00a56f74e51e.tar.gz | |
Add new sysctl variable: net.inet.ip.accept_sourceroute
It controls if the system is to accept source routed packets.
It used to be such that, no matter if the setting of net.inet.ip.sourceroute,
source routed packets destined at us would be accepted. Now it is
controllable with eth default set to NOT accept those.
| -rw-r--r-- | sys/netinet/in.h | 6 | ||||
| -rw-r--r-- | sys/netinet/ip_input.c | 8 |
2 files changed, 11 insertions, 3 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h index 3f9387d..7daf7a2 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)in.h 8.3 (Berkeley) 1/3/94 - * $Id: in.h,v 1.26 1997/02/22 09:41:28 peter Exp $ + * $Id: in.h,v 1.27 1997/09/25 00:34:35 wollman Exp $ */ #ifndef _NETINET_IN_H_ @@ -303,7 +303,8 @@ struct ip_mreq { #define IPCTL_INTRQMAXLEN 10 /* max length of netisr queue */ #define IPCTL_INTRQDROPS 11 /* number of netisr q drops */ #define IPCTL_STATS 12 /* ipstat structure */ -#define IPCTL_MAXID 13 +#define IPCTL_ACCEPTSOURCEROUTE 13 /* may accept source routed packets */ +#define IPCTL_MAXID 14 #define IPCTL_NAMES { \ { 0, 0 }, \ @@ -319,6 +320,7 @@ struct ip_mreq { { "intr-queue-maxlen", CTLTYPE_INT }, \ { "intr-queue-drops", CTLTYPE_INT }, \ { "stats", CTLTYPE_STRUCT }, \ + { "accept_sourceroute", CTLTYPE_INT }, \ } diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index c9a21ae..8449070 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 - * $Id: ip_input.c,v 1.76 1998/02/11 18:43:42 guido Exp $ + * $Id: ip_input.c,v 1.77 1998/02/12 03:37:45 ache Exp $ * $ANA: ip_input.c,v 1.5 1996/09/18 14:34:59 wollman Exp $ */ @@ -94,6 +94,10 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW, static int ip_dosourceroute = 0; SYSCTL_INT(_net_inet_ip, IPCTL_SOURCEROUTE, sourceroute, CTLFLAG_RW, &ip_dosourceroute, 0, ""); + +static int ip_acceptsourceroute = 0; +SYSCTL_INT(_net_inet_ip, IPCTL_ACCEPTSOURCEROUTE, accept_sourceroute, + CTLFLAG_RW, &ip_acceptsourceroute, 0, ""); #ifdef DIAGNOSTIC static int ipprintfs = 0; #endif @@ -965,6 +969,8 @@ ip_dooptions(m) /* * End of source route. Should be for us. */ + if (!ip_acceptsourceroute) + goto nosourcerouting; save_rte(cp, ip->ip_src); break; } |
