diff options
author | Richard Basch <probe@mit.edu> | 1993-03-22 08:48:05 +0000 |
---|---|---|
committer | Richard Basch <probe@mit.edu> | 1993-03-22 08:48:05 +0000 |
commit | 7737d3bad5e9d27c720142204dd7a9f0bf66840c (patch) | |
tree | 9ce0b48e143c98e7e41dd18668a9b627fba9b11f /server/dispatch.c | |
parent | 75563982e38a977faf0842ae477aca7a9626d466 (diff) |
Discard packets that are faking their source address.
Only permissible exception: authentic and source is 0.0.0.0.
Diffstat (limited to 'server/dispatch.c')
-rw-r--r-- | server/dispatch.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/server/dispatch.c b/server/dispatch.c index 834386d..a3f241a 100644 --- a/server/dispatch.c +++ b/server/dispatch.c @@ -387,6 +387,18 @@ sendit(notice, auth, who) /* max size is 255.255.255.255 */ char buffer[16]; (void) strcpy(buffer, inet_ntoa(who->sin_addr)); + if (!auth) { + syslog(LOG_WARNING, "sendit unauthentic fake packet: claimed %s, real %s", + inet_ntoa(notice->z_sender_addr), buffer); + clt_ack(notice, who, AUTH_FAILED); + return; + } + if (ntohl(notice->z_sender_addr.s_addr) != 0) { + syslog(LOG_WARNING, "sendit invalid address: claimed %s, real %s", + inet_ntoa(notice->z_sender_addr), buffer); + clt_ack(notice, who, AUTH_FAILED); + return; + } syslog(LOG_WARNING, "sendit addr mismatch: claimed %s, real %s", inet_ntoa(notice->z_sender_addr), buffer); } |