svn commit: r207558 - stable/8/sys/netinet

Bruce M Simpson bms at FreeBSD.org
Mon May 3 09:31:52 UTC 2010


Author: bms
Date: Mon May  3 09:31:51 2010
New Revision: 207558
URL: http://svn.freebsd.org/changeset/base/207558

Log:
  MFC r207275:
    Fix a regression where DVMRP diagnostic traffic, such as that used
    by mrinfo and mtrace, was dropped by the IGMP TTL check. IGMP control
    traffic must always have a TTL of 1.
  
  Submitted by:	Matthew Luckie

Modified:
  stable/8/sys/netinet/igmp.c
Directory Properties:
  stable/8/sys/   (props changed)
  stable/8/sys/amd64/include/xen/   (props changed)
  stable/8/sys/cddl/contrib/opensolaris/   (props changed)
  stable/8/sys/contrib/dev/acpica/   (props changed)
  stable/8/sys/contrib/pf/   (props changed)
  stable/8/sys/dev/xen/xenpci/   (props changed)
  stable/8/sys/geom/sched/   (props changed)

Modified: stable/8/sys/netinet/igmp.c
==============================================================================
--- stable/8/sys/netinet/igmp.c	Mon May  3 09:28:10 2010	(r207557)
+++ stable/8/sys/netinet/igmp.c	Mon May  3 09:31:51 2010	(r207558)
@@ -1468,12 +1468,6 @@ igmp_input(struct mbuf *m, int off)
 	}
 	ip = mtod(m, struct ip *);
 
-	if (ip->ip_ttl != 1) {
-		IGMPSTAT_INC(igps_rcv_badttl);
-		m_freem(m);
-		return;
-	}
-
 	/*
 	 * Validate checksum.
 	 */
@@ -1488,6 +1482,17 @@ igmp_input(struct mbuf *m, int off)
 	m->m_data -= iphlen;
 	m->m_len += iphlen;
 
+	/*
+	 * IGMP control traffic is link-scope, and must have a TTL of 1.
+	 * DVMRP traffic (e.g. mrinfo, mtrace) is an exception;
+	 * probe packets may come from beyond the LAN.
+	 */
+	if (igmp->igmp_type != IGMP_DVMRP && ip->ip_ttl != 1) {
+		IGMPSTAT_INC(igps_rcv_badttl);
+		m_freem(m);
+		return;
+	}
+
 	switch (igmp->igmp_type) {
 	case IGMP_HOST_MEMBERSHIP_QUERY:
 		if (igmplen == IGMP_MINLEN) {


More information about the svn-src-all mailing list