Rafael Zalamena <rzalam...@gmail.com> writes:
> This diff makes dhcrelay(8) drop packets that were not meant for us.
> This is a safety check suggested by jca@ to avoid relaying packets with
> the address of other relays.
>
> ok?
ok
In the commit message please mention that the most likely source of this
kind of packets is the BPF socket.
> Index: dhcrelay.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/dhcrelay/dhcrelay.c,v
> retrieving revision 1.49
> diff -u -p -r1.49 dhcrelay.c
> --- dhcrelay.c 8 Dec 2016 19:18:15 -0000 1.49
> +++ dhcrelay.c 8 Dec 2016 19:52:51 -0000
> @@ -276,6 +276,11 @@ relay(struct interface_info *ip, struct
>
> /* If it's a bootreply, forward it to the client. */
> if (packet->op == BOOTREPLY) {
> + /* Filter packet that were not meant for us. */
> + if (packet->giaddr.s_addr !=
> + interfaces->primary_address.s_addr)
> + return;
> +
> bzero(&to, sizeof(to));
> if (!(packet->flags & htons(BOOTP_BROADCAST))) {
> to.sin_addr = packet->yiaddr;
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
