git.ipfire.org Git - thirdparty/dhcpcd.git/commit

author	Laszlo Toth <laszlth@gmail.com>
	Fri, 23 Dec 2022 13:31:43 +0000 (08:31 -0500)
committer	GitHub <noreply@github.com>
	Fri, 23 Dec 2022 13:31:43 +0000 (13:31 +0000)
commit	79a7f5a48d462205e9b33296c13fe5b85e32be2c
tree	c077a0819ac6dcde82e50114129b59288246c8ff	tree \| snapshot
parent	6a9994bbf00712ace77a835cb7e45558383be673	commit \| diff

arp: ignore invalid ARP probes according to RFC5227 (#145)

Some network devices can send probes where the source address in the frame
does not match the sender in the ARP request, due to firmware bugs or
crafted packets.
Without verification this can cause to fail the defense, so we lose the
address, then request a new one. This might lead to the DHCP address pool
being exhausted and all sorts of problems like frequent IP changes.

A real life example is that some Cisco devices can send ARP probes in bursts,
where the frame's source address is clearly invalid, so hosts running dhcpcd
release addresses frequently, e.g., Raspberry Pis.
Example output:
"invalid ARP probe, sender hw address mismatch (00:be:75:xx:xx:xx, 00:00:00:yy:yy:yy)"

RFC5227, Section 1.1 describes that the two addresses must match in case
of ARP probes, so add the extra check and log a warning if we receive an
invalid packet like that.

Signed-off-by: Laszlo Toth <laszlth@gmail.com>