mirror of
https://github.com/opnsense/src.git
synced 2026-06-13 18:50:31 -04:00
tcp: fix local blackholing
The sysctl-variable net.inet.tcp.blackhole_local should affect TCP segments from an IPv6 address of the local host, not of a host on the local area network. Thanks to cc@ for pointing me to the issue. Reviewed by: cc MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D50828
This commit is contained in:
Michael Tuexen
parent
3353f39cfc
commit
de8fb1b383
1 changed files with 1 additions and 1 deletions
|
|
@ -1385,7 +1385,7 @@ dropwithreset:
|
|||
((V_blackhole == 1 && (thflags & TH_SYN)) || V_blackhole > 1))) &&
|
||||
(V_blackhole_local || (
|
||||
#ifdef INET6
|
||||
isipv6 ? !in6_localaddr(&ip6->ip6_src) :
|
||||
isipv6 ? !in6_localip(&ip6->ip6_src) :
|
||||
#endif
|
||||
#ifdef INET
|
||||
!in_localip(ip->ip_src)
|
||||
|
|
|
|||
Loading…
Reference in a new issue