Skip to content

Commit

Permalink
Improve logging on rejected packets
Browse files Browse the repository at this point in the history
  • Loading branch information
thomaseizinger committed Oct 16, 2024
1 parent 7acf1ac commit c5b706a
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 14 deletions.
26 changes: 20 additions & 6 deletions src/iface/interface/ipv4.rs
Original file line number Diff line number Diff line change
Expand Up @@ -181,13 +181,27 @@ impl InterfaceInner {
{
// Ignore IP packets not directed at us, or broadcast, or any of the multicast groups.
// If AnyIP is enabled, also check if the packet is routed locally.
if !self.any_ip
|| !ipv4_repr.dst_addr.x_is_unicast()
|| self
.routes
.lookup(&IpAddress::Ipv4(ipv4_repr.dst_addr), self.now)
.map_or(true, |router_addr| !self.has_ip_addr(router_addr))

if !self.any_ip {
net_trace!("Rejecting IPv4 packet; any_ip=false");
return None;
}

if !ipv4_repr.dst_addr.x_is_unicast() {
net_trace!(
"Rejecting IPv4 packet; {} is not a unicast address",
ipv4_repr.dst_addr
);
return None;
}

if self
.routes
.lookup(&IpAddress::Ipv4(ipv4_repr.dst_addr), self.now)
.map_or(true, |router_addr| !self.has_ip_addr(router_addr))
{
net_trace!("Rejecting IPv4 packet; no matching routes");

return None;
}
}
Expand Down
27 changes: 19 additions & 8 deletions src/iface/interface/ipv6.rs
Original file line number Diff line number Diff line change
Expand Up @@ -212,15 +212,26 @@ impl InterfaceInner {
&& !self.has_multicast_group(ipv6_repr.dst_addr)
&& !ipv6_repr.dst_addr.is_loopback()
{
// If AnyIP is enabled, also check if the packet is routed locally.
if !self.any_ip
|| !ipv6_repr.dst_addr.x_is_unicast()
|| self
.routes
.lookup(&IpAddress::Ipv6(ipv6_repr.dst_addr), self.now)
.map_or(true, |router_addr| !self.has_ip_addr(router_addr))
if !self.any_ip {
net_trace!("Rejecting IPv6 packet; any_ip=false");
return None;
}

if !ipv6_repr.dst_addr.x_is_unicast() {
net_trace!(
"Rejecting IPv6 packet; {} is not a unicast address",
ipv6_repr.dst_addr
);
return None;
}

if self
.routes
.lookup(&IpAddress::Ipv6(ipv6_repr.dst_addr), self.now)
.map_or(true, |router_addr| !self.has_ip_addr(router_addr))
{
net_trace!("packet IP address not for this interface");
net_trace!("Rejecting IPv6 packet; no matching routes");

return None;
}
}
Expand Down

0 comments on commit c5b706a

Please sign in to comment.