Return to BSD News archive
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!uqvax!ccdanny From: ccdanny@uqvax.cc.uq.oz.au (Danny Smith, Prentice Centre, The Univ. of Qld.) Newsgroups: comp.os.386bsd.bugs Subject: Disabling Source Routing (was: An Official Complaint about FreeBSD) Date: 31 Jan 95 08:31:04 AEST Organization: University Of Queensland Lines: 56 Message-ID: <1995Jan31.083104.1@uqvax> References: <3gcr6g$fij@satisfied.elf.com> Reply-To: D.Smith@cc.uq.oz.au NNTP-Posting-Host: uqvax.cc.uq.oz.au In article <3gcr6g$fij@satisfied.elf.com>, *Hobbit* <hobbit@asylum.sf.ca.us> writes: > Today I discovered that the FreeBSD kernel, despite being compiled without > GATEWAY, forwards source-routed IP. I'll bet NetBSD does too, but I haven't > checked. Yes it does. Very similar code. I made some changes in-house. Hope these help. Have defined a config option NOSRCROUTE and performed syslogging on any attempt to source route through the box. /usr/src/sys/netinet/ip_input.c *** ip_input.c.orig Wed May 18 08:31:10 1994 --- ip_input.c Mon Dec 12 09:53:31 1994 *************** *** 55,60 **** --- 55,63 ---- #include "in_var.h" #include "ip_var.h" #include "ip_icmp.h" + #ifdef NOSRCROUTE + #include "syslog.h" + #endif static void ip_freef(struct ipq *); static void ip_enq(struct ipasfrag *, struct ipasfrag *); *************** *** 653,658 **** --- 656,677 ---- */ case IPOPT_LSRR: case IPOPT_SSRR: + #ifdef NOSRCROUTE + { + char *p, *q; + + p = (char *)& ip->ip_dst; + q = (char *)& ip->ip_src; + #define UC(b) (((int)b)&0xff) + + log( LOG_DEBUG, "Attempt to Source Route to %d.%d.%d.%d from %d.%d.%d.%d", + UC(p[0]), UC(p[1]), UC(p[2]), UC(p[3]), + UC(q[0]), UC(q[1]), UC(q[2]), UC(q[3])); + type = ICMP_UNREACH; + code = ICMP_UNREACH_SRCFAIL; + goto bad; + } + #endif if ((off = cp[IPOPT_OFFSET]) < IPOPT_MINOFF) { code = &cp[IPOPT_OFFSET] - (u_char *)ip; goto bad; ========================================================================== Danny Smith | Phone: +61 7 365 4105 The Prentice Centre | Fax: +61 7 365 4477 The University of Queensland | Qld. 4072. Australia | Internet: D.Smith@cc.uq.edu.au