From 86bd670bb2031a97c59251a6734bdf46455be1a7 Mon Sep 17 00:00:00 2001
From: shin
Date: Sat, 11 Mar 2000 22:11:57 +0000
Subject: Disable IPv4 over IPv4 tunnel on the 6to4 interface for better security.
Approved by: jkh
---
 sys/netinet/in_gif.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
(limited to 'sys/netinet/in_gif.c')
diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c
index 9348a53..0efa40e0 100644
--- a/sys/netinet/in_gif.c
+++ b/sys/netinet/in_gif.c
@@ -154,7 +154,11 @@ in_gif_output(ifp, family, m, rt)
 iphdr.ip_src = sin_src->sin_addr;
 #ifdef INET6
 /* XXX: temporal stf support hack */
- if (bcmp(ifp->if_name, "stf", 3) == 0 && ip6 != NULL) {
+ if (bcmp(ifp->if_name, "stf", 3) == 0) {
+ if (ip6 == NULL) {
+ m_freem(m);
+ return ENETUNREACH;
+ }
 if (IN6_IS_ADDR_6TO4(&ip6->ip6_dst))
 iphdr.ip_dst = *GET_V4(&ip6->ip6_dst);
 else if (rt && rt->rt_gateway->sa_family == AF_INET6) {
@@ -309,6 +313,13 @@ in_gif_input(struct mbuf *m, int off, int proto)
 case IPPROTO_IPV4:
 {
 struct ip *ip;
+
+#ifdef INET6
+ if (bcmp(gifp->if_name, "stf", 3) == 0) {
+ m_freem(m);
+ return;
+ }
+#endif
 af = AF_INET;
 if (m->m_len < sizeof(*ip)) {
 m = m_pullup(m, sizeof(*ip));
-- 
cgit v1.1
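Review bot: The stf test `bcmp(ifp->if_name, "stf", 3) == 0` is a three-byte prefix match, so this filter (and the identical test added in the in_gif_input hunk below) keys a security decision on any interface whose name merely starts with "stf". If if_name is the NUL-terminated driver name, an exact comparison such as `strcmp(ifp->if_name, "stf") == 0`, kept in one shared macro, would make both checks agree and be easier to audit. The new `ip6 == NULL` branch would also benefit from a comment, e.g. `/* stf carries only IPv6 in IPv4; refuse any other payload family */`. ip6 is assigned outside this hunk, so the reading that NULL means a non-IPv6 payload is inferred; in_gif_output's body starts and ends outside the hunk.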
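Review bot: The new stf branch under `case IPPROTO_IPV4:` discards the packet with `m_freem(m); return;` and leaves no trace, so an operator cannot see IPv4-in-IPv4 traffic being aimed at the 6to4 interface. Consider bumping whichever drop counter this function's other discard paths use (they are outside the hunk) before the return, and add a comment such as `/* stf accepts only IPv6-in-IPv4; drop encapsulated IPv4 */`. The branch also dereferences `gifp`, so it relies on a NULL check earlier in in_gif_input that is not visible here.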