| xform_ipip.c (105197) | xform_ipip.c (108172) |
|---|---|
| 1/* $FreeBSD: head/sys/netipsec/xform_ipip.c 105197 2002-10-16 02:10:08Z sam $ */ | 1/* $FreeBSD: head/sys/netipsec/xform_ipip.c 108172 2002-12-22 05:35:03Z hsu $ */ |
| 2/* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */ 3/* 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * The original version of this code was written by John Ioannidis 9 * for BSD/OS in Athens, Greece, in November 1995. --- 294 unchanged lines hidden (view full) --- 304 default: 305 panic("ipip_input: unknown ip version %u (inner)", v>>4); 306 } 307 308 /* Check for local address spoofing. */ 309 if ((m->m_pkthdr.rcvif == NULL || 310 !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) && 311 ipip_allow != 2) { | 2/* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */ 3/* 4 * The authors of this code are John Ioannidis (ji@tla.org), 5 * Angelos D. Keromytis (kermit@csd.uch.gr) and 6 * Niels Provos (provos@physnet.uni-hamburg.de). 7 * 8 * The original version of this code was written by John Ioannidis 9 * for BSD/OS in Athens, Greece, in November 1995. --- 294 unchanged lines hidden (view full) --- 304 default: 305 panic("ipip_input: unknown ip version %u (inner)", v>>4); 306 } 307 308 /* Check for local address spoofing. */ 309 if ((m->m_pkthdr.rcvif == NULL || 310 !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) && 311 ipip_allow != 2) { |
| 312 IFNET_RLOCK(); |
|
| 312 for (ifp = ifnet.tqh_first; ifp != 0; 313 ifp = ifp->if_list.tqe_next) { 314 for (ifa = ifp->if_addrlist.tqh_first; ifa != 0; 315 ifa = ifa->ifa_list.tqe_next) { 316#ifdef INET 317 if (ipo) { 318 if (ifa->ifa_addr->sa_family != 319 AF_INET) 320 continue; 321 322 sin = (struct sockaddr_in *) ifa->ifa_addr; 323 324 if (sin->sin_addr.s_addr == 325 ipo->ip_src.s_addr) { 326 ipipstat.ipips_spoof++; 327 m_freem(m); | 313 for (ifp = ifnet.tqh_first; ifp != 0; 314 ifp = ifp->if_list.tqe_next) { 315 for (ifa = ifp->if_addrlist.tqh_first; ifa != 0; 316 ifa = ifa->ifa_list.tqe_next) { 317#ifdef INET 318 if (ipo) { 319 if (ifa->ifa_addr->sa_family != 320 AF_INET) 321 continue; 322 323 sin = (struct sockaddr_in *) ifa->ifa_addr; 324 325 if (sin->sin_addr.s_addr == 326 ipo->ip_src.s_addr) { 327 ipipstat.ipips_spoof++; 328 m_freem(m); |
| 329 IFNET_RUNLOCK(); |
|
| 328 return; 329 } 330 } 331#endif /* INET */ 332 333#ifdef INET6 334 if (ip6) { 335 if (ifa->ifa_addr->sa_family != 336 AF_INET6) 337 continue; 338 339 sin6 = (struct sockaddr_in6 *) ifa->ifa_addr; 340 341 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &ip6->ip6_src)) { 342 ipipstat.ipips_spoof++; 343 m_freem(m); | 330 return; 331 } 332 } 333#endif /* INET */ 334 335#ifdef INET6 336 if (ip6) { 337 if (ifa->ifa_addr->sa_family != 338 AF_INET6) 339 continue; 340 341 sin6 = (struct sockaddr_in6 *) ifa->ifa_addr; 342 343 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &ip6->ip6_src)) { 344 ipipstat.ipips_spoof++; 345 m_freem(m); |
| 346 IFNET_RUNLOCK(); |
|
| 344 return; 345 } 346 347 } 348#endif /* INET6 */ 349 } 350 } | 347 return; 348 } 349 350 } 351#endif /* INET6 */ 352 } 353 } |
| 354 IFNET_RUNLOCK(); |
|
| 351 } 352 353 /* Statistics */ 354 ipipstat.ipips_ibytes += m->m_pkthdr.len - iphlen; 355 356 /* 357 * Interface pointer stays the same; if no IPsec processing has 358 * been done (or will be done), this will point to a normal --- 341 unchanged lines hidden --- | 355 } 356 357 /* Statistics */ 358 ipipstat.ipips_ibytes += m->m_pkthdr.len - iphlen; 359 360 /* 361 * Interface pointer stays the same; if no IPsec processing has 362 * been done (or will be done), this will point to a normal --- 341 unchanged lines hidden --- |