ipv6: Don't reduce hop limit for an interface
A local route may have a lower hop_limit set than global routes do. RFC 3756, Section 4.2.7, "Parameter Spoofing" > 1. The attacker includes a Current Hop Limit of one or another small > number which the attacker knows will cause legitimate packets to > be dropped before they reach their destination. > As an example, one possible approach to mitigate this threat is to > ignore very small hop limits. The nodes could implement a > configurable minimum hop limit, and ignore attempts to set it below > said limit. Signed-off-by: D.S. Ljungmark <ljungmark@modio.se> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
1452db764c
commit
6fd99094de
|
@ -1218,7 +1218,14 @@ static void ndisc_router_discovery(struct sk_buff *skb)
|
||||||
if (rt)
|
if (rt)
|
||||||
rt6_set_expires(rt, jiffies + (HZ * lifetime));
|
rt6_set_expires(rt, jiffies + (HZ * lifetime));
|
||||||
if (ra_msg->icmph.icmp6_hop_limit) {
|
if (ra_msg->icmph.icmp6_hop_limit) {
|
||||||
in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
|
/* Only set hop_limit on the interface if it is higher than
|
||||||
|
* the current hop_limit.
|
||||||
|
*/
|
||||||
|
if (in6_dev->cnf.hop_limit < ra_msg->icmph.icmp6_hop_limit) {
|
||||||
|
in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
|
||||||
|
} else {
|
||||||
|
ND_PRINTK(2, warn, "RA: Got route advertisement with lower hop_limit than current\n");
|
||||||
|
}
|
||||||
if (rt)
|
if (rt)
|
||||||
dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
|
dst_metric_set(&rt->dst, RTAX_HOPLIMIT,
|
||||||
ra_msg->icmph.icmp6_hop_limit);
|
ra_msg->icmph.icmp6_hop_limit);
|
||||||
|
|
Loading…
Reference in New Issue