in_broadcast() called for almost every packet in ip_output()
Ryan Stone
rysto32 at gmail.com
Wed Jul 20 23:57:40 UTC 2016
Ok, this should address the issue in ip_output() for everything: TCP, UDP,
forwarded packets, raw sockets. I've tested UDP and ICMP traffic with both
broadcast and unicast addresses and everything seems correct.
https://reviews.freebsd.org/D7266
Unfortunately, I also notice that udp_input() calls in_broadcast() on every
input UDP packet:
https://svnweb.freebsd.org/base/head/sys/netinet/udp_usrreq.c?revision=301717&view=markup#l524
Would it be correct to check for M_BCAST on the packet before checking
for a broadcast IP address? I don't believe that there would be any
security concerns with that approach. If somebody injected a UDP packet
with a broadcast IP address but a unicast MAC address, we would try to look
up a pcb that matched, fail to find anything, and then drop the packet.