Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

ipv6: don't let node/interface scoped multicast traffic escape on the wire

Reported-by: Erik Hugne <erik.hugne@ericsson.com>
Cc: Erik Hugne <erik.hugne@ericsson.com>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hannes Frederic Sowa 12 years ago
parent
65ab999da8
commit
dd40851521
1 changed files with 7 additions and 0 deletions
Split View Show Diff Stats
  1. 7 0
      net/ipv6/ip6_output.c

+ 7 - 0
net/ipv6/ip6_output.c
View File 

@@ -120,6 +120,13 @@ static int ip6_finish_output2(struct sk_buff *skb)
 
 
 		IP6_UPD_PO_STATS(dev_net(dev), idev, IPSTATS_MIB_OUTMCAST,
 
 				skb->len);
 
+
 
+		if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <=
 
+		    IPV6_ADDR_SCOPE_NODELOCAL &&
 
+		    !(dev->flags & IFF_LOOPBACK)) {
 
+			kfree_skb(skb);
 
+			return 0;
 
+		}
 
 	}
 
 
 	rcu_read_lock_bh();