c2accd9f9c
Avoid forwarding ip unicast packets which were contained inside link-level multicast packets; having M_MCAST still set in the packet header flags will mean that the packet will get multicast to a bogus group instead of unicast to the next hop. Malformed packets like this have occasionally been spotted "in the wild" on a mediaone cable modem segment which also had multiple netbsd machines running as router/NAT boxes. Without this, any subnet with multiple netbsd routers receiving all multicasts will generate a packet storm on receipt of such a multicast. Note that we already do the same check here for link-level broadcasts; ip6_forward already does this as well. Note that multicast forwarding does not go through ip_forward(). Adding some code to if_ethersubr to sanity check link-level vs. ip-level multicast addresses might also be worthwhile. |
||
|---|---|---|
| bin | ||
| distrib | ||
| etc | ||
| games | ||
| gnu | ||
| include | ||
| lib | ||
| libexec | ||
| regress | ||
| sbin | ||
| share | ||
| sys | ||
| usr.bin | ||
| usr.sbin | ||
| Makefile | ||