diff options
| author | andre <andre@FreeBSD.org> | 2004-01-06 23:20:07 +0000 |
|---|---|---|
| committer | andre <andre@FreeBSD.org> | 2004-01-06 23:20:07 +0000 |
| commit | f14c2fc588e4dcc51227a1abd222b96189aabcea (patch) | |
| tree | b5c50f092af9c552504c3b7feeec05177c60b8ff /sys | |
| parent | fbfb1488fd64e44ed8f93cf88a2d5b8323f363d3 (diff) | |
| download | FreeBSD-src-f14c2fc588e4dcc51227a1abd222b96189aabcea.zip FreeBSD-src-f14c2fc588e4dcc51227a1abd222b96189aabcea.tar.gz | |
According to RFC1812 we have to ignore ICMP redirects when we
are acting as router (ipforwarding enabled).
This doesn't fix the problem that host routes from ICMP redirects
are never removed from the kernel routing table but removes the
problem for machines doing packet forwarding.
Reviewed by: sam (mentor)
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_icmp.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index b84d689..a4e0a96 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -543,7 +543,11 @@ reflect: (int)(gw >> 24), (int)((gw >> 16) & 0xff), (int)((gw >> 8) & 0xff), (int)(gw & 0xff)); } - if (drop_redirect) + /* + * RFC1812 says we must ignore ICMP redirects if we + * are acting as router. + */ + if (drop_redirect || ipforwarding) break; if (code > 3) goto badcode; |
