According to RFC2711 routers shouldn't treat all packets with a Router
authorHasso Tepper <hasso@dragonflybsd.org>
Sun, 14 Oct 2007 18:15:19 +0000 (18:15 +0000)
committerHasso Tepper <hasso@dragonflybsd.org>
Sun, 14 Oct 2007 18:15:19 +0000 (18:15 +0000)
Alert hop-by-hop option as 'ours', but examine this datagram more closely -
if the router isn't interested in particular protocol it should ignore the
packet and forward it as normal. So, treat packets as 'ours' if they are
for MLD only.

Reported-by: Andrew McDonald <andrew@mcdonald.org.uk>
Obtained-from: KAME

sys/netinet6/ip6_input.c

index 05ea0a1..fc12beb 100644 (file)
@@ -1,5 +1,5 @@
 /*     $FreeBSD: src/sys/netinet6/ip6_input.c,v 1.11.2.15 2003/01/24 05:11:35 sam Exp $        */
-/*     $DragonFly: src/sys/netinet6/ip6_input.c,v 1.34 2007/05/23 08:57:09 dillon Exp $        */
+/*     $DragonFly: src/sys/netinet6/ip6_input.c,v 1.35 2007/10/14 18:15:19 hasso Exp $ */
 /*     $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $     */
 
 /*
@@ -702,11 +702,25 @@ hbhcheck:
                nxt = hbh->ip6h_nxt;
 
                /*
-                * accept the packet if a router alert option is included
-                * and we act as an IPv6 router.
+                * If we are acting as a router and the packet contains a
+                * router alert option, see if we know the option value.
+                * Currently, we only support the option value for MLD, in which
+                * case we should pass the packet to the multicast routing
+                * daemon.
                 */
-               if (rtalert != ~0 && ip6_forwarding)
-                       ours = 1;
+               if (rtalert != ~0 && ip6_forwarding) {
+                       switch (rtalert) {
+                       case IP6OPT_RTALERT_MLD:
+                               ours = 1;
+                               break;
+                       default:
+                               /*
+                                * RFC2711 requires unrecognized values must be
+                                * silently ignored.
+                                */
+                               break;
+                       }
+               }
        } else
                nxt = ip6->ip6_nxt;