When we have a published ARP entry for some IP address, do reply on

ARP requests only on the network where this IP address belong, to. Before this change we did replied on all interfaces. This could lead to an IP address conflict with host we are doing ARP proxy for. PR: kern/75634 Reviewed by: andre
author: glebius <glebius@FreeBSD.org> 2005-08-25 13:25:57 +0000
committer: glebius <glebius@FreeBSD.org> 2005-08-25 13:25:57 +0000
commit: fe6f4bd975a926dd4ef5530064fd7adc06e1fceb (patch)
tree: c8b71fad515c495a0f43956ba5b392b99c95439d /sys/netinet/if_ether.c
parent: 6dd061bc1cbebd33498cd9f21e6af6b55f35b13b (diff)
download: FreeBSD-src-fe6f4bd975a926dd4ef5530064fd7adc06e1fceb.zip
FreeBSD-src-fe6f4bd975a926dd4ef5530064fd7adc06e1fceb.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c
index 434fa7d..63ea545 100644
--- a/sys/netinet/if_ether.c
+++ b/sys/netinet/if_ether.c
@@ -851,6 +851,15 @@ reply:
 			       inet_ntoa(itaddr));
 #endif
 		} else {
+			/*
+			 * Return proxied ARP replies only on the interface
+			 * where this network resides. Otherwise we may
+			 * conflict with the host we are proxying for.
+			 */
+			if (rt->rt_ifp != ifp) {
+				RT_UNLOCK(rt);
+				goto drop;
+			}
 			sdl = SDL(rt->rt_gateway);
 			(void)memcpy(ar_tha(ah), ar_sha(ah), ah->ar_hln);
 			(void)memcpy(ar_sha(ah), LLADDR(sdl), ah->ar_hln);
author	glebius <glebius@FreeBSD.org>	2005-08-25 13:25:57 +0000
committer	glebius <glebius@FreeBSD.org>	2005-08-25 13:25:57 +0000
commit	fe6f4bd975a926dd4ef5530064fd7adc06e1fceb (patch)
tree	c8b71fad515c495a0f43956ba5b392b99c95439d /sys/netinet/if_ether.c
parent	6dd061bc1cbebd33498cd9f21e6af6b55f35b13b (diff)
download	FreeBSD-src-fe6f4bd975a926dd4ef5530064fd7adc06e1fceb.zip FreeBSD-src-fe6f4bd975a926dd4ef5530064fd7adc06e1fceb.tar.gz