HomeFreeBSD

Do not forward datagrams originated by link-local addresses

Description

Do not forward datagrams originated by link-local addresses

The current implement of ip_input() reject packets destined for
169.254.0.0/16, but not those original from 169.254.0.0/16 link-local
addresses.

Fix to fully respect RFC 3927 section 2.7.

PR: 255388
Reviewed by: donner, rgrimes, karels
Differential Revision: https://reviews.freebsd.org/D29968
Reviewed by: rgrimes, donner, karels, marcus, emaste
Differential Revision: https://reviews.freebsd.org/D30374

(cherry picked from commit 3d846e48227e2e78c1e7b35145f57353ffda56ba)
(cherry picked from commit 03b0505b8fe848f33f2f38fe89dd5538908c847e)

Details

Provenance
zleiAuthored on May 18 2021, 8:51 PM
donnerCommitted on Jun 17 2021, 8:08 AM
Reviewer
donner
Differential Revision
D29968: Do not forward datagrams original from 169.254.0.0/16 link-local addresses
Parents
rGad2c95130b4b: netgraph/bridge: malloc without flags
Branches
Unknown
Tags
Unknown