diff options
author | Ghanan Gowripalan <ghanan@google.com> | 2021-09-13 19:40:40 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-09-13 19:42:55 -0700 |
commit | 226e7d32cb855e69b3bf7a28791a17235074e49a (patch) | |
tree | d40c71a0b58d8db82816a75a24a81622f15415b6 /pkg | |
parent | 4795e08359118c6c3e7376e795009db153c6da1c (diff) |
Accept packets destined to bound address
...if bound to an address.
We previously checked the source of a packet instead of the destination
of a packet when bound to an address.
PiperOrigin-RevId: 396497647
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/tcpip/transport/raw/endpoint.go | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/pkg/tcpip/transport/raw/endpoint.go b/pkg/tcpip/transport/raw/endpoint.go index 3bf6c0a8f..4a5858bdd 100644 --- a/pkg/tcpip/transport/raw/endpoint.go +++ b/pkg/tcpip/transport/raw/endpoint.go @@ -562,8 +562,6 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) { return } - remoteAddr := pkt.Network().SourceAddress() - if e.bound { // If bound to a NIC, only accept data for that NIC. if e.BindNICID != 0 && e.BindNICID != pkt.NICID { @@ -572,16 +570,17 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) { return } // If bound to an address, only accept data for that address. - if e.BindAddr != "" && e.BindAddr != remoteAddr { + if e.BindAddr != "" && e.BindAddr != pkt.Network().DestinationAddress() { e.rcvMu.Unlock() e.mu.RUnlock() return } } + srcAddr := pkt.Network().SourceAddress() // If connected, only accept packets from the remote address we // connected to. - if e.connected && e.route.RemoteAddress() != remoteAddr { + if e.connected && e.route.RemoteAddress() != srcAddr { e.rcvMu.Unlock() e.mu.RUnlock() return @@ -593,7 +592,7 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) { packet := &rawPacket{ senderAddr: tcpip.FullAddress{ NIC: pkt.NICID, - Addr: remoteAddr, + Addr: srcAddr, }, } |