HomeFreeBSD

carp: check CARP status in in_localip_fib(), in6_localip_fib()

Description

carp: check CARP status in in_localip_fib(), in6_localip_fib()

Don't report a BACKUP CARP address as local. These two functions are used
only by source address validation for input packets, controlled by sysctls
net.inet.ip.source_address_validation and
net.inet6.ip6.source_address_validation. For this purpose we definitely
want to treat BACKUP addresses as non local.

This change is conservative and doesn't modify compat in_localip() and
in6_localip(). They are used more widely than the FIB-aware versions.
The change would modify the notion of ipfw(4) 'me' keyword. There might
be other consequences as in_localip() is used by various tunneling
protocols.

PR: 277349

Details

Provenance
glebiusAuthored on Mar 19 2024, 6:48 PM
Parents
rG470a2b334661: pf: convert DIOCSETSTATUSIF to netlink
Branches
Unknown
Tags
Unknown