#ifndef lint
static char copyright[] =
-"$Id: packet.c,v 1.18.2.2 1999/03/26 16:52:39 mellon Exp $ Copyright (c) 1996 The Internet Software Consortium. All rights reserved.\n";
+"$Id: packet.c,v 1.18.2.3 1999/04/11 20:31:18 mellon Exp $ Copyright (c) 1996 The Internet Software Consortium. All rights reserved.\n";
#endif /* not lint */
#include "dhcpd.h"
/* UDP header and IP header decoded together for convenience. */
-ssize_t decode_udp_ip_header (interface, buf, bufix, from, data, len)
+ssize_t decode_udp_ip_header (interface, buf, bufix, from, data, buflen)
struct interface_info *interface;
unsigned char *buf;
int bufix;
struct sockaddr_in *from;
unsigned char *data;
- int len;
+ int buflen;
{
struct ip *ip;
struct udphdr *udp;
u_int32_t ip_len = (buf [bufix] & 0xf) << 2;
u_int32_t sum, usum;
- static int packets_seen;
- static int packets_bad_checksum;
+ static int ip_packets_seen;
+ static int ip_packets_bad_checksum;
+ static int udp_packets_seen;
+ static int udp_packets_bad_checksum;
+ static int udp_packets_length_checked;
+ static int udp_packets_length_overflow;
+ int len;
ip = (struct ip *)(buf + bufix);
udp = (struct udphdr *)(buf + bufix + ip_len);
#endif /* USERLAND_FILTER */
/* Check the IP header checksum - it should be zero. */
+ ++ip_packets_seen;
if (wrapsum (checksum (buf + bufix, ip_len, 0))) {
- if (packets_seen &&
- (++packets_seen / ++packets_bad_checksum) < 2)
- note ("Bad IP checksum: %x",
- wrapsum (checksum (buf + bufix, sizeof *ip, 0)));
+ ++ip_packets_bad_checksum;
+ if (ip_packets_seen > 4 &&
+ (ip_packets_seen / ip_packets_bad_checksum) < 2) {
+ note ("%d bad IP checksums seen in %d packets",
+ ip_packets_bad_checksum, ip_packets_seen);
+ ip_packets_seen = ip_packets_bad_checksum = 0;
+ }
return -1;
}
+ /* Check the IP packet length. */
+ if (ntohs (ip -> ip_len) != buflen)
+ debug ("ip length %d disagrees with bytes received %d.",
+ ntohs (ip -> ip_len), buflen);
+
/* Copy out the IP source address... */
memcpy (&from -> sin_addr, &ip -> ip_src, 4);
if (!data) {
data = buf + bufix + ip_len + sizeof *udp;
- len -= ip_len + sizeof *udp;
+ len = ntohs (udp -> uh_ulen) - sizeof *udp;
+ ++udp_packets_length_checked;
+ if (len + data > buf + bufix + buflen) {
+ ++udp_packets_length_overflow;
+ if (udp_packets_length_checked > 4 &&
+ (udp_packets_length_checked /
+ udp_packets_length_overflow) < 2) {
+ note ("%d udp packets in %d too long - dropped",
+ udp_packets_length_overflow,
+ udp_packets_length_checked);
+ udp_packets_length_overflow =
+ udp_packets_length_checked = 0;
+ }
+ return -1;
+ }
+ if (len + data != buf + buflen)
+ debug ("accepting packet with data after udp payload.");
}
usum = udp -> uh_sum;
(u_int32_t)
ntohs (udp -> uh_ulen)))));
+ udp_packets_seen++;
if (usum && usum != sum) {
- static int packets_seen;
- static int packets_bad_checksum;
- if (packets_seen &&
- (++packets_seen / ++packets_bad_checksum) < 2)
- note ("Bad udp checksum: %x %x", usum, sum);
+ udp_packets_bad_checksum++;
+ if (udp_packets_seen > 4 &&
+ (udp_packets_seen / udp_packets_bad_checksum) < 2) {
+ note ("%d bad udp checksums in $d packets",
+ udp_packets_bad_checksum, udp_packets_seen);
+ udp_packets_seen = udp_packets_bad_checksum = 0;
+ }
return -1;
}
projects / thirdparty / dhcp.git / commitdiff
