[IGMP]: workaround for IGMP v1/v2 bug

From: David Stevens <dlstevens@us.ibm.com> As explained at: http://www.cs.ucsb.edu/~krishna/igmp_dos/ With IGMP version 1 and 2 it is possible to inject a unicast report to a client which will make it ignore multicast reports sent later by the router. The fix is to only accept the report if is was sent to a multicast or unicast address. Signed-off-by: David S. Miller <davem@davemloft.net>
author: David Stevens <dlstevens@us.ibm.com> 2005-12-02 20:32:59 -0800
committer: David S. Miller <davem@davemloft.net> 2005-12-02 20:32:59 -0800
commit: 24c6927505ca77ee4ac25fb31dcd56f6506979ed (patch)
tree: 17d873b63f0ce24b81e184f2515f2b643143e48e /net/ipv6
parent: bf031fff1fac77775b2cd2c72ad8b017f4c0af13 (diff)
download: op-kernel-dev-24c6927505ca77ee4ac25fb31dcd56f6506979ed.zip
op-kernel-dev-24c6927505ca77ee4ac25fb31dcd56f6506979ed.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index f15e04a..fd939da 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -1231,6 +1231,11 @@ int igmp6_event_report(struct sk_buff *skb)
 	if (skb->pkt_type == PACKET_LOOPBACK)
 		return 0;
 
+	/* send our report if the MC router may not have heard this report */
+	if (skb->pkt_type != PACKET_MULTICAST &&
+	    skb->pkt_type != PACKET_BROADCAST)
+		return 0;
+
 	if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
 		return -EINVAL;
author	David Stevens <dlstevens@us.ibm.com>	2005-12-02 20:32:59 -0800
committer	David S. Miller <davem@davemloft.net>	2005-12-02 20:32:59 -0800
commit	24c6927505ca77ee4ac25fb31dcd56f6506979ed (patch)
tree	17d873b63f0ce24b81e184f2515f2b643143e48e /net/ipv6
parent	bf031fff1fac77775b2cd2c72ad8b017f4c0af13 (diff)
download	op-kernel-dev-24c6927505ca77ee4ac25fb31dcd56f6506979ed.zip op-kernel-dev-24c6927505ca77ee4ac25fb31dcd56f6506979ed.tar.gz