proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-15 04:47:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Block martian address configuration on an interface and also block from

Browse Source 
getting installed into the zebra tables.
This commit is contained in:
Donald Sharp 2015-05-19 17:47:23 -07:00
parent 4468119bd2
commit d914d5ff0e
3 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/prefix.h
View File

@ -220,13 +220,26 @@ extern void masklen2ip6 (const int, struct in6_addr *);
extern void str2in6_addr (const char *, struct in6_addr *);
extern const char *inet6_ntoa (struct in6_addr);
static inline int ipv6_martian (struct in6_addr *addr)
{
struct in6_addr localhost_addr;
inet_pton (AF_INET6, "::1", &localhost_addr);
if (IPV6_ADDR_SAME(&localhost_addr, addr))
return 1;
return 0;
}
#endif /* HAVE_IPV6 */
extern int all_digit (const char *);
/* NOTE: This routine expects the address argument in network byte order. */
static inline int ipv4_martian (struct in_addr *addr)
{
in_addr_t ip = addr->s_addr;
in_addr_t ip = ntohl(addr->s_addr);
if (IPV4_NET0(ip) || IPV4_NET127(ip) || IPV4_CLASS_DE(ip)) {
return 1;

6
zebra/connected.c
View File

@ -209,6 +209,9 @@ connected_add_ipv4 (struct interface *ifp, int flags, struct in_addr *addr,
struct prefix_ipv4 *p;
struct connected *ifc;
if (ipv4_martian(addr))
return;
/* Make connected structure. */
ifc = connected_new ();
ifc->ifp = ifp;
@ -368,6 +371,9 @@ connected_add_ipv6 (struct interface *ifp, int flags, struct in6_addr *addr,
struct prefix_ipv6 *p;
struct connected *ifc;
if (ipv6_martian(addr))
return;
/* Make connected structure. */
ifc = connected_new ();
ifc->ifp = ifp;

12
zebra/interface.c
View File

@ -1285,6 +1285,12 @@ ip_address_install (struct vty *vty, struct interface *ifp,
return CMD_WARNING;
}
if (ipv4_martian(&cp.prefix))
{
vty_out (vty, "%% Invalid address%s", VTY_NEWLINE);
return CMD_WARNING;
}
ifc = connected_check (ifp, (struct prefix *) &cp);
if (! ifc)
{
@ -1469,6 +1475,12 @@ ipv6_address_install (struct vty *vty, struct interface *ifp,
return CMD_WARNING;
}
if (ipv6_martian(&cp.prefix))
{
vty_out (vty, "%% Invalid address%s", VTY_NEWLINE);
return CMD_WARNING;
}
ifc = connected_check (ifp, (struct prefix *) &cp);
if (! ifc)
{