From e754a851ff1f3256df85fdd45db2fc5c5c9b8eaa Mon Sep 17 00:00:00 2001 From: Hasso Tepper Date: Sun, 14 Oct 2007 18:15:19 +0000 Subject: [PATCH] According to RFC2711 routers shouldn't treat all packets with a Router Alert hop-by-hop option as 'ours', but examine this datagram more closely - if the router isn't interested in particular protocol it should ignore the packet and forward it as normal. So, treat packets as 'ours' if they are for MLD only. Reported-by: Andrew McDonald Obtained-from: KAME --- sys/netinet6/ip6_input.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index 05ea0a175a..fc12beb77f 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -1,5 +1,5 @@ /* $FreeBSD: src/sys/netinet6/ip6_input.c,v 1.11.2.15 2003/01/24 05:11:35 sam Exp $ */ -/* $DragonFly: src/sys/netinet6/ip6_input.c,v 1.34 2007/05/23 08:57:09 dillon Exp $ */ +/* $DragonFly: src/sys/netinet6/ip6_input.c,v 1.35 2007/10/14 18:15:19 hasso Exp $ */ /* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $ */ /* @@ -702,11 +702,25 @@ hbhcheck: nxt = hbh->ip6h_nxt; /* - * accept the packet if a router alert option is included - * and we act as an IPv6 router. + * If we are acting as a router and the packet contains a + * router alert option, see if we know the option value. + * Currently, we only support the option value for MLD, in which + * case we should pass the packet to the multicast routing + * daemon. */ - if (rtalert != ~0 && ip6_forwarding) - ours = 1; + if (rtalert != ~0 && ip6_forwarding) { + switch (rtalert) { + case IP6OPT_RTALERT_MLD: + ours = 1; + break; + default: + /* + * RFC2711 requires unrecognized values must be + * silently ignored. + */ + break; + } + } } else nxt = ip6->ip6_nxt; -- 2.41.0