diff options
| -rw-r--r-- | sys/netinet/ip_icmp.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index b84d689..a4e0a96 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -543,7 +543,11 @@ reflect: (int)(gw >> 24), (int)((gw >> 16) & 0xff), (int)((gw >> 8) & 0xff), (int)(gw & 0xff)); } - if (drop_redirect) + /* + * RFC1812 says we must ignore ICMP redirects if we + * are acting as router. + */ + if (drop_redirect || ipforwarding) break; if (code > 3) goto badcode; |
