git: 5bfaf4a161da - stable/14 - udp: fix local blackholing
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 04 Sep 2025 20:04:04 UTC
The branch stable/14 has been updated by tuexen:
URL: https://cgit.FreeBSD.org/src/commit/?id=5bfaf4a161da1fe8bc296f1651f350c1d14518dd
commit 5bfaf4a161da1fe8bc296f1651f350c1d14518dd
Author: Michael Tuexen <tuexen@FreeBSD.org>
AuthorDate: 2025-06-13 20:57:16 +0000
Commit: Michael Tuexen <tuexen@FreeBSD.org>
CommitDate: 2025-09-04 20:03:42 +0000
udp: fix local blackholing
The sysctl-variable net.inet.udp.blackhole_local should affect
UDP packets from an IPv6 address of the local host, not of a host on
the local area network.
Thanks to cc@ for pointing me to the issue.
Reviewed by: cc
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D50829
(cherry picked from commit 16587f60a69820f1a319644da4ec1a40efbcbdf0)
---
sys/netinet6/udp6_usrreq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c
index 066cf79c3a07..736f2da5c0ad 100644
--- a/sys/netinet6/udp6_usrreq.c
+++ b/sys/netinet6/udp6_usrreq.c
@@ -514,7 +514,7 @@ skip_checksum:
goto badunlocked;
}
if (V_udp_blackhole && (V_udp_blackhole_local ||
- !in6_localaddr(&ip6->ip6_src)))
+ !in6_localip(&ip6->ip6_src)))
goto badunlocked;
icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
*mp = NULL;