Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1
This commit is contained in:
Guus Sliepen
commit
36623e15a1
1 changed files with 16 additions and 3 deletions
19
src/route.c
19
src/route.c
|
|
@ -88,13 +88,14 @@ static bool ratelimit(int frequency) {
|
||||||
time_t now = time(NULL);
|
time_t now = time(NULL);
|
||||||
|
|
||||||
if(lasttime == now) {
|
if(lasttime == now) {
|
||||||
if(++count > frequency)
|
if(count >= frequency)
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
lasttime = now;
|
lasttime = now;
|
||||||
count = 0;
|
count = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
count++;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -416,6 +417,11 @@ static void route_ipv4_unicast(node_t *source, vpn_packet_t *packet) {
|
||||||
packet->priority = packet->data[15];
|
packet->priority = packet->data[15];
|
||||||
|
|
||||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||||
|
|
||||||
|
if(via == source) {
|
||||||
|
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if(directonly && subnet->owner != via)
|
if(directonly && subnet->owner != via)
|
||||||
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
|
return route_ipv4_unreachable(source, packet, ICMP_DEST_UNREACH, ICMP_NET_ANO);
|
||||||
|
|
@ -568,6 +574,11 @@ static void route_ipv6_unicast(node_t *source, vpn_packet_t *packet) {
|
||||||
|
|
||||||
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
via = (subnet->owner->via == myself) ? subnet->owner->nexthop : subnet->owner->via;
|
||||||
|
|
||||||
|
if(via == source) {
|
||||||
|
ifdebug(TRAFFIC) logger(LOG_ERR, "Routing loop for packet from %s (%s)!", source->name, source->hostname);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if(directonly && subnet->owner != via)
|
if(directonly && subnet->owner != via)
|
||||||
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
|
return route_ipv6_unreachable(source, packet, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_ADMIN);
|
||||||
|
|
||||||
|
|
@ -888,7 +899,8 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(packet->data[22] < 1) {
|
if(packet->data[22] < 1) {
|
||||||
route_ipv4_unreachable(source, packet, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL);
|
if(packet->data[25] != IPPROTO_ICMP || packet->data[46] != ICMP_TIME_EXCEEDED)
|
||||||
|
route_ipv4_unreachable(source, packet, ICMP_TIME_EXCEEDED, ICMP_EXC_TTL);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -910,7 +922,8 @@ static bool do_decrement_ttl(node_t *source, vpn_packet_t *packet) {
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if(packet->data[21] < 1) {
|
if(packet->data[21] < 1) {
|
||||||
route_ipv6_unreachable(source, packet, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT);
|
if(packet->data[20] != IPPROTO_ICMPV6 || packet->data[54] != ICMP6_TIME_EXCEEDED)
|
||||||
|
route_ipv6_unreachable(source, packet, ICMP6_TIME_EXCEEDED, ICMP6_TIME_EXCEED_TRANSIT);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue