2006-05-31 17:07:36

by Amnon Aaronsohn

[permalink] [raw]
Subject: [PATCH] don't automatically drop packets from 0.0.0.0/8

For some reason linux drops all incoming packets which have a source
address in the 0.0.0.0/8 range, although these are valid addresses. The
attached patch fixes this. (It still drops packets coming from 0.0.0.0
since that's a special address.)

Signed-off-by: Amnon Aaronsohn <[email protected]>
---

--- linux-2.6.16.18/net/ipv4/route.c.old 2006-05-30 08:57:42.000000000 +0300
+++ linux-2.6.16.18/net/ipv4/route.c 2006-05-30 08:58:22.000000000 +0300
@@ -1935,7 +1935,7 @@ static int ip_route_input_slow(struct sk
/* Accept zero addresses only to limited broadcast;
* I even do not know to fix it or not. Waiting for complains :-)
*/
- if (ZERONET(saddr))
+ if (saddr == 0)
goto martian_source;

if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))


2006-05-31 17:27:08

by Stephen Hemminger

[permalink] [raw]
Subject: Re: [PATCH] don't automatically drop packets from 0.0.0.0/8

On Wed, 31 May 2006 20:07:34 +0300 (IDT)
Amnon Aaronsohn <[email protected]> wrote:

> For some reason linux drops all incoming packets which have a source
> address in the 0.0.0.0/8 range, although these are valid addresses. The
> attached patch fixes this. (It still drops packets coming from 0.0.0.0
> since that's a special address.)
>
> Signed-off-by: Amnon Aaronsohn <[email protected]>
> ---
>
> --- linux-2.6.16.18/net/ipv4/route.c.old 2006-05-30 08:57:42.000000000 +0300
> +++ linux-2.6.16.18/net/ipv4/route.c 2006-05-30 08:58:22.000000000 +0300
> @@ -1935,7 +1935,7 @@ static int ip_route_input_slow(struct sk
> /* Accept zero addresses only to limited broadcast;
> * I even do not know to fix it or not. Waiting for complains :-)
> */
> - if (ZERONET(saddr))
> + if (saddr == 0)
> goto martian_source;
>
> if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))

Per RFC1122:
(a) { 0, 0 }

This host on this network. MUST NOT be sent, except as
a source address as part of an initialization procedure
by which the host learns its own IP address.

See also Section 3.3.6 for a non-standard use of {0,0}.

(b) { 0, <Host-number> }

Specified host on this network. It MUST NOT be sent,
except as a source address as part of an initialization
procedure by which the host learns its full IP address.

So it looks like existing code is correct in dropping packets. Net zero
is intended only for protocols like BOOTP broadcasts.