Merge pull request #289 from neilalexander/tunicmpv6

Don't process ICMPv6 messages when in TUN mode
This commit is contained in:
Neil Alexander 2018-12-26 23:18:23 +00:00 committed by GitHub
commit a71c5dd887
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 5 deletions

View File

@ -156,6 +156,9 @@ func (i *icmpv6) parse_packet_tun(datain []byte, datamac *[]byte) ([]byte, error
// Check for a supported message type // Check for a supported message type
switch icmpv6Header.Type { switch icmpv6Header.Type {
case ipv6.ICMPTypeNeighborSolicitation: case ipv6.ICMPTypeNeighborSolicitation:
if !i.tun.iface.IsTAP() {
return nil, errors.New("Ignoring Neighbor Solicitation in TUN mode")
}
response, err := i.handle_ndp(datain[ipv6.HeaderLen:]) response, err := i.handle_ndp(datain[ipv6.HeaderLen:])
if err == nil { if err == nil {
// Create our ICMPv6 response // Create our ICMPv6 response
@ -173,6 +176,9 @@ func (i *icmpv6) parse_packet_tun(datain []byte, datamac *[]byte) ([]byte, error
return nil, err return nil, err
} }
case ipv6.ICMPTypeNeighborAdvertisement: case ipv6.ICMPTypeNeighborAdvertisement:
if !i.tun.iface.IsTAP() {
return nil, errors.New("Ignoring Neighbor Advertisement in TUN mode")
}
if datamac != nil { if datamac != nil {
var addr address.Address var addr address.Address
var target address.Address var target address.Address

View File

@ -214,11 +214,12 @@ func (tun *tunAdapter) read() error {
continue continue
} }
if buf[o+6] == 58 { if buf[o+6] == 58 {
// Found an ICMPv6 packet if tun.iface.IsTAP() {
b := make([]byte, n) // Found an ICMPv6 packet
copy(b, buf) b := make([]byte, n)
// tun.icmpv6.recv <- b copy(b, buf)
go tun.icmpv6.parse_packet(b) go tun.icmpv6.parse_packet(b)
}
} }
packet := append(util.GetBytes(), buf[o:n]...) packet := append(util.GetBytes(), buf[o:n]...)
tun.send <- packet tun.send <- packet