Rafael Zalamena <rzalam...@gmail.com> writes: > This diff makes dhcrelay(8) drop packets that were not meant for us. > This is a safety check suggested by jca@ to avoid relaying packets with > the address of other relays. > > ok?
ok In the commit message please mention that the most likely source of this kind of packets is the BPF socket. > Index: dhcrelay.c > =================================================================== > RCS file: /cvs/src/usr.sbin/dhcrelay/dhcrelay.c,v > retrieving revision 1.49 > diff -u -p -r1.49 dhcrelay.c > --- dhcrelay.c 8 Dec 2016 19:18:15 -0000 1.49 > +++ dhcrelay.c 8 Dec 2016 19:52:51 -0000 > @@ -276,6 +276,11 @@ relay(struct interface_info *ip, struct > > /* If it's a bootreply, forward it to the client. */ > if (packet->op == BOOTREPLY) { > + /* Filter packet that were not meant for us. */ > + if (packet->giaddr.s_addr != > + interfaces->primary_address.s_addr) > + return; > + > bzero(&to, sizeof(to)); > if (!(packet->flags & htons(BOOTP_BROADCAST))) { > to.sin_addr = packet->yiaddr; > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE