svn commit: r207558 - stable/8/sys/netinet
Bruce M Simpson
bms at FreeBSD.org
Mon May 3 09:31:52 UTC 2010
Author: bms
Date: Mon May 3 09:31:51 2010
New Revision: 207558
URL: http://svn.freebsd.org/changeset/base/207558
Log:
MFC r207275:
Fix a regression where DVMRP diagnostic traffic, such as that used
by mrinfo and mtrace, was dropped by the IGMP TTL check. IGMP control
traffic must always have a TTL of 1.
Submitted by: Matthew Luckie
Modified:
stable/8/sys/netinet/igmp.c
Directory Properties:
stable/8/sys/ (props changed)
stable/8/sys/amd64/include/xen/ (props changed)
stable/8/sys/cddl/contrib/opensolaris/ (props changed)
stable/8/sys/contrib/dev/acpica/ (props changed)
stable/8/sys/contrib/pf/ (props changed)
stable/8/sys/dev/xen/xenpci/ (props changed)
stable/8/sys/geom/sched/ (props changed)
Modified: stable/8/sys/netinet/igmp.c
==============================================================================
--- stable/8/sys/netinet/igmp.c Mon May 3 09:28:10 2010 (r207557)
+++ stable/8/sys/netinet/igmp.c Mon May 3 09:31:51 2010 (r207558)
@@ -1468,12 +1468,6 @@ igmp_input(struct mbuf *m, int off)
}
ip = mtod(m, struct ip *);
- if (ip->ip_ttl != 1) {
- IGMPSTAT_INC(igps_rcv_badttl);
- m_freem(m);
- return;
- }
-
/*
* Validate checksum.
*/
@@ -1488,6 +1482,17 @@ igmp_input(struct mbuf *m, int off)
m->m_data -= iphlen;
m->m_len += iphlen;
+ /*
+ * IGMP control traffic is link-scope, and must have a TTL of 1.
+ * DVMRP traffic (e.g. mrinfo, mtrace) is an exception;
+ * probe packets may come from beyond the LAN.
+ */
+ if (igmp->igmp_type != IGMP_DVMRP && ip->ip_ttl != 1) {
+ IGMPSTAT_INC(igps_rcv_badttl);
+ m_freem(m);
+ return;
+ }
+
switch (igmp->igmp_type) {
case IGMP_HOST_MEMBERSHIP_QUERY:
if (igmplen == IGMP_MINLEN) {
More information about the svn-src-stable-8
mailing list