diff options
| author | Mikael Magnusson <mikma@users.sourceforge.net> | 2020-01-22 10:27:54 +0100 |
|---|---|---|
| committer | Mikael Magnusson <mikma@users.sourceforge.net> | 2020-03-17 19:32:49 +0100 |
| commit | f10dc5ab203ecf9e56f6e69be284855ef0793fad (patch) | |
| tree | bfa7e32934dfcd0f34657e81ec801b122a662698 /pkg/tcpip/network | |
| parent | cb87cbb7e46568c0bab786205369d11a7fc5b268 (diff) | |
Update the TTL field in forwarded packets
Closes: #1085
Diffstat (limited to 'pkg/tcpip/network')
| -rw-r--r-- | pkg/tcpip/network/arp/arp.go | 4 | ||||
| -rw-r--r-- | pkg/tcpip/network/ipv4/ipv4.go | 19 | ||||
| -rw-r--r-- | pkg/tcpip/network/ipv6/ipv6.go | 18 |
3 files changed, 41 insertions, 0 deletions
diff --git a/pkg/tcpip/network/arp/arp.go b/pkg/tcpip/network/arp/arp.go index e9fcc89a8..9ffacd544 100644 --- a/pkg/tcpip/network/arp/arp.go +++ b/pkg/tcpip/network/arp/arp.go @@ -124,6 +124,10 @@ func (e *endpoint) HandlePacket(r *stack.Route, pkt tcpip.PacketBuffer) { } } +func (*endpoint) UpdateTTL(tcpip.PacketBuffer, uint8) *tcpip.Error { + return tcpip.ErrNotSupported +} + // protocol implements stack.NetworkProtocol and stack.LinkAddressResolver. type protocol struct { } diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go index 4f1742938..9953f83cd 100644 --- a/pkg/tcpip/network/ipv4/ipv4.go +++ b/pkg/tcpip/network/ipv4/ipv4.go @@ -21,6 +21,7 @@ package ipv4 import ( + "fmt" "sync/atomic" "gvisor.dev/gvisor/pkg/tcpip" @@ -407,6 +408,24 @@ func (e *endpoint) HandlePacket(r *stack.Route, pkt tcpip.PacketBuffer) { e.dispatcher.DeliverTransportPacket(r, p, pkt) } +func (*endpoint) UpdateTTL(pkt tcpip.PacketBuffer, n uint8) *tcpip.Error { + headerView := pkt.Header.View() + h := header.IPv4(headerView) + if !h.IsValid(pkt.Data.Size()) { + fmt.Println("Malformed packet", len(h), int(h.HeaderLength()), int(h.TotalLength()), header.IPVersion(h), pkt.Data.Size()) + //r.Stats().IP.MalformedPacketsReceived.Increment() + return tcpip.ErrInvalidOptionValue + } + //pkt.NetworkHeader = headerView[:h.HeaderLength()] + + ttl := h.TTL() + if ttl <= n { + return tcpip.ErrTimeout + } + h.UpdateTTL(n) + return nil +} + // Close cleans up resources associated with the endpoint. func (e *endpoint) Close() {} diff --git a/pkg/tcpip/network/ipv6/ipv6.go b/pkg/tcpip/network/ipv6/ipv6.go index 9aef5234b..df86dd3b2 100644 --- a/pkg/tcpip/network/ipv6/ipv6.go +++ b/pkg/tcpip/network/ipv6/ipv6.go @@ -21,6 +21,7 @@ package ipv6 import ( + "fmt" "sync/atomic" "gvisor.dev/gvisor/pkg/tcpip" @@ -189,6 +190,23 @@ func (e *endpoint) HandlePacket(r *stack.Route, pkt tcpip.PacketBuffer) { e.dispatcher.DeliverTransportPacket(r, p, pkt) } +func (*endpoint) UpdateTTL(pkt tcpip.PacketBuffer, n uint8) *tcpip.Error { + headerView := pkt.Header.View() + h := header.IPv6(headerView) + if !h.IsValid(pkt.Data.Size()) { + fmt.Println("Malformed packet", len(h), header.IPVersion(h), pkt.Data.Size()) + //r.Stats().IP.MalformedPacketsReceived.Increment() + return tcpip.ErrInvalidOptionValue + } + + ttl := h.HopLimit() + if ttl <= n { + return tcpip.ErrTimeout + } + h.SetHopLimit(ttl - n) + return nil +} + // Close cleans up resources associated with the endpoint. func (*endpoint) Close() {} |