projects / platform / upstream / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 81ec9ce)
sd-ndisc: drop RA packets from non-link-local addresses
authorTom Gundersen <teg@jklm.no>
Thu, 19 Nov 2015 00:23:24 +0000 (01:23 +0100)
committerTom Gundersen <teg@jklm.no>
Thu, 19 Nov 2015 00:25:40 +0000 (01:25 +0100)
See https://tools.ietf.org/html/rfc4861#section-4.2. Some routers (dnsmasq) will send packets
from global addresses, which would break the default route setup, so ignore those.

This is also what the kernel does.

src/libsystemd-network/sd-ndisc.c patch | blob | history

diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c
index 6703d87..3bb06f6 100644 (file)
--- a/src/libsystemd-network/sd-ndisc.c
+++ b/src/libsystemd-network/sd-ndisc.c
@@ -508,6 +508,9 @@ static int ndisc_router_advertisment_recv(sd_event_source *s, int fd, uint32_t r
                 return 0;
         }
 
+        if (!in_addr_is_link_local(AF_INET6, (const union in_addr_union*) &router.in6.sin6_addr))
+                return 0;
+
         if (ra->nd_ra_type != ND_ROUTER_ADVERT)
                 return 0;
 
Domain: System / System Framework;