diff options
author | Ondrej Zajicek <santiago@crfreenet.org> | 2010-04-04 15:41:31 +0200 |
---|---|---|
committer | Ondrej Zajicek <santiago@crfreenet.org> | 2010-04-04 15:41:31 +0200 |
commit | c429d4a4ba2cc8778634461e8adea33e0f0ae022 (patch) | |
tree | 5cc8102345bf3ce872da92aca84fa63cf67c4e20 /sysdep/bsd | |
parent | d2d2b5d2ae43f608d03304d280367b658650138b (diff) |
Restrict export of device routes to the kernel protocol.
In usual configuration, such export is already restricted
with the aid of the direct protocol but there are some
races that can circumvent it. This makes it harder to
break kernel device routes. Also adds an option to
disable this restriction.
Diffstat (limited to 'sysdep/bsd')
-rw-r--r-- | sysdep/bsd/krt-sock.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/sysdep/bsd/krt-sock.c b/sysdep/bsd/krt-sock.c index 32c269d4..d991ea13 100644 --- a/sysdep/bsd/krt-sock.c +++ b/sysdep/bsd/krt-sock.c @@ -40,10 +40,6 @@ krt_capable(rte *e) { rta *a = e->attrs; -#ifdef CONFIG_AUTO_ROUTES - if (a->source == RTS_DEVICE) - return 0; -#endif return a->cast == RTC_UNICAST && (a->dest == RTD_ROUTER @@ -163,7 +159,7 @@ krt_sock_send(int cmd, rte *e) #endif if(!i->addr) { - log(L_ERR "KIF: interface \"%s\" has no IP addess", i->name); + log(L_ERR "KRT: interface %s has no IP addess", i->name); return; } @@ -185,7 +181,7 @@ krt_sock_send(int cmd, rte *e) msg.rtm.rtm_msglen = l; if ((l = write(rt_sock, (char *)&msg, l)) < 0) { - log(L_ERR "KIF: Error sending route %I/%d to kernel", net->n.prefix, net->n.pxlen); + log(L_ERR "KRT: Error sending route %I/%d to kernel", net->n.prefix, net->n.pxlen); } } |