[Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs: debug output...

bk: 5492d2879rotbnnuVch_ZC3RAfS8AA

diff --git a/ntpd/ntp_io.c b/ntpd/ntp_io.c
index aa415ccc1541ac78177df6f12f576a2ed55a9625..8be7247d34b50d9eb09f3c2a46b7ecfab66c77f0 100644 (file)
--- a/ntpd/ntp_io.c
+++ b/ntpd/ntp_io.c
@@ -3450,8 +3450,12 @@ read_network_packet(
        */
 
        if (AF_INET6 == itf->family) {
-               DPRINTF(1, ("Got an IPv6 packet, from <%s> to <%s>\n",
-                       stoa(&rb->recv_srcadr), stoa(&itf->sin)));
+               DPRINTF(1, ("Got an IPv6 packet, from <%s> (%d) to <%s> (%d)\n",
+                       stoa(&rb->recv_srcadr),
+                       IN6_IS_ADDR_LOOPBACK(&rb->recv_srcadr),
+                       stoa(&itf->sin),
+                       !IN6_IS_ADDR_LOOPBACK(&itf->sin)
+                       ));
        }
 
        if (   AF_INET6 == itf->family