summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--pkg/tcpip/network/ipv4/ipv4.go8
-rw-r--r--pkg/tcpip/network/ipv6/ipv6.go8
-rw-r--r--pkg/tcpip/tests/integration/loopback_test.go208
-rw-r--r--pkg/tcpip/tests/integration/route_test.go8
4 files changed, 116 insertions, 116 deletions
diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go
index a43107d30..a1660e9a3 100644
--- a/pkg/tcpip/network/ipv4/ipv4.go
+++ b/pkg/tcpip/network/ipv4/ipv4.go
@@ -641,7 +641,7 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) {
}
if !e.nic.IsLoopback() {
- if e.protocol.options.DropExternalLoopbackTraffic {
+ if !e.protocol.options.AllowExternalLoopbackTraffic {
if header.IsV4LoopbackAddress(h.SourceAddress()) {
stats.InvalidSourceAddressesReceived.Increment()
return
@@ -1230,9 +1230,9 @@ type Options struct {
// IGMP holds options for IGMP.
IGMP IGMPOptions
- // DropExternalLoopbackTraffic indicates that inbound loopback packets (i.e.
- // martian loopback packets) should be dropped.
- DropExternalLoopbackTraffic bool
+ // AllowExternalLoopbackTraffic indicates that inbound loopback packets (i.e.
+ // martian loopback packets) should be accepted.
+ AllowExternalLoopbackTraffic bool
}
// NewProtocolWithOptions returns an IPv4 network protocol.
diff --git a/pkg/tcpip/network/ipv6/ipv6.go b/pkg/tcpip/network/ipv6/ipv6.go
index b94cb428f..83e98bab9 100644
--- a/pkg/tcpip/network/ipv6/ipv6.go
+++ b/pkg/tcpip/network/ipv6/ipv6.go
@@ -931,7 +931,7 @@ func (e *endpoint) HandlePacket(pkt *stack.PacketBuffer) {
}
if !e.nic.IsLoopback() {
- if e.protocol.options.DropExternalLoopbackTraffic {
+ if !e.protocol.options.AllowExternalLoopbackTraffic {
if header.IsV6LoopbackAddress(h.SourceAddress()) {
stats.InvalidSourceAddressesReceived.Increment()
return
@@ -2071,9 +2071,9 @@ type Options struct {
// DADConfigs holds the default DAD configurations used by IPv6 endpoints.
DADConfigs stack.DADConfigurations
- // DropExternalLoopbackTraffic indicates that inbound loopback packets (i.e.
- // martian loopback packets) should be dropped.
- DropExternalLoopbackTraffic bool
+ // AllowExternalLoopbackTraffic indicates that inbound loopback packets (i.e.
+ // martian loopback packets) should be accepted.
+ AllowExternalLoopbackTraffic bool
}
// NewProtocolWithOptions returns an IPv6 network protocol.
diff --git a/pkg/tcpip/tests/integration/loopback_test.go b/pkg/tcpip/tests/integration/loopback_test.go
index 0a9ea1aa8..6462e9d42 100644
--- a/pkg/tcpip/tests/integration/loopback_test.go
+++ b/pkg/tcpip/tests/integration/loopback_test.go
@@ -540,141 +540,141 @@ func TestExternalLoopbackTraffic(t *testing.T) {
}
tests := []struct {
- name string
- dropExternalLoopback bool
- forwarding bool
- rxICMP func(*channel.Endpoint)
- invalidAddressStat func(tcpip.IPStats) *tcpip.StatCounter
- shouldAccept bool
+ name string
+ allowExternalLoopback bool
+ forwarding bool
+ rxICMP func(*channel.Endpoint)
+ invalidAddressStat func(tcpip.IPStats) *tcpip.StatCounter
+ shouldAccept bool
}{
{
- name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: false,
- rxICMP: loopbackSourcedICMPv4,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: true,
+ name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: false,
+ rxICMP: loopbackSourcedICMPv4,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: false,
- rxICMP: loopbackSourcedICMPv4,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: false,
+ name: "IPv4 external loopback sourced traffic without forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: false,
+ rxICMP: loopbackSourcedICMPv4,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: true,
- rxICMP: loopbackSourcedICMPv4,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: true,
+ name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: true,
+ rxICMP: loopbackSourcedICMPv4,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: true,
- rxICMP: loopbackSourcedICMPv4,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: false,
+ name: "IPv4 external loopback sourced traffic with forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: true,
+ rxICMP: loopbackSourcedICMPv4,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv4 external loopback destined traffic without forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: false,
- rxICMP: loopbackDestinedICMPv4,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv4 external loopback destined traffic without forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: false,
+ rxICMP: loopbackDestinedICMPv4,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv4 external loopback destined traffic without forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: false,
- rxICMP: loopbackDestinedICMPv4,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv4 external loopback destined traffic without forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: false,
+ rxICMP: loopbackDestinedICMPv4,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv4 external loopback destined traffic with forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: true,
- rxICMP: loopbackDestinedICMPv4,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: true,
+ name: "IPv4 external loopback destined traffic with forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: true,
+ rxICMP: loopbackDestinedICMPv4,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv4 external loopback destined traffic with forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: true,
- rxICMP: loopbackDestinedICMPv4,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv4 external loopback destined traffic with forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: true,
+ rxICMP: loopbackDestinedICMPv4,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: false,
- rxICMP: loopbackSourcedICMPv6,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: true,
+ name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: false,
+ rxICMP: loopbackSourcedICMPv6,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: false,
- rxICMP: loopbackSourcedICMPv6,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: false,
+ name: "IPv6 external loopback sourced traffic without forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: false,
+ rxICMP: loopbackSourcedICMPv6,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: true,
- rxICMP: loopbackSourcedICMPv6,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: true,
+ name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: true,
+ rxICMP: loopbackSourcedICMPv6,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: true,
- rxICMP: loopbackSourcedICMPv6,
- invalidAddressStat: invalidSrcAddrStat,
- shouldAccept: false,
+ name: "IPv6 external loopback sourced traffic with forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: true,
+ rxICMP: loopbackSourcedICMPv6,
+ invalidAddressStat: invalidSrcAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv6 external loopback destined traffic without forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: false,
- rxICMP: loopbackDestinedICMPv6,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv6 external loopback destined traffic without forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: false,
+ rxICMP: loopbackDestinedICMPv6,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv6 external loopback destined traffic without forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: false,
- rxICMP: loopbackDestinedICMPv6,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv6 external loopback destined traffic without forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: false,
+ rxICMP: loopbackDestinedICMPv6,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
{
- name: "IPv6 external loopback destined traffic with forwarding and drop external loopback disabled",
- dropExternalLoopback: false,
- forwarding: true,
- rxICMP: loopbackDestinedICMPv6,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: true,
+ name: "IPv6 external loopback destined traffic with forwarding and drop external loopback disabled",
+ allowExternalLoopback: true,
+ forwarding: true,
+ rxICMP: loopbackDestinedICMPv6,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: true,
},
{
- name: "IPv6 external loopback destined traffic with forwarding and drop external loopback enabled",
- dropExternalLoopback: true,
- forwarding: true,
- rxICMP: loopbackDestinedICMPv6,
- invalidAddressStat: invalidDestAddrStat,
- shouldAccept: false,
+ name: "IPv6 external loopback destined traffic with forwarding and drop external loopback enabled",
+ allowExternalLoopback: false,
+ forwarding: true,
+ rxICMP: loopbackDestinedICMPv6,
+ invalidAddressStat: invalidDestAddrStat,
+ shouldAccept: false,
},
}
@@ -683,10 +683,10 @@ func TestExternalLoopbackTraffic(t *testing.T) {
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocolFactory{
ipv4.NewProtocolWithOptions(ipv4.Options{
- DropExternalLoopbackTraffic: test.dropExternalLoopback,
+ AllowExternalLoopbackTraffic: test.allowExternalLoopback,
}),
ipv6.NewProtocolWithOptions(ipv6.Options{
- DropExternalLoopbackTraffic: test.dropExternalLoopback,
+ AllowExternalLoopbackTraffic: test.allowExternalLoopback,
}),
},
TransportProtocols: []stack.TransportProtocolFactory{icmp.NewProtocol4, icmp.NewProtocol6},
diff --git a/pkg/tcpip/tests/integration/route_test.go b/pkg/tcpip/tests/integration/route_test.go
index 568a982bb..ed499179f 100644
--- a/pkg/tcpip/tests/integration/route_test.go
+++ b/pkg/tcpip/tests/integration/route_test.go
@@ -162,15 +162,15 @@ func TestLocalPing(t *testing.T) {
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
- for _, dropExternalLoopback := range []bool{true, false} {
- t.Run(fmt.Sprintf("DropExternalLoopback=%t", dropExternalLoopback), func(t *testing.T) {
+ for _, allowExternalLoopback := range []bool{true, false} {
+ t.Run(fmt.Sprintf("AllowExternalLoopback=%t", allowExternalLoopback), func(t *testing.T) {
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocolFactory{
ipv4.NewProtocolWithOptions(ipv4.Options{
- DropExternalLoopbackTraffic: dropExternalLoopback,
+ AllowExternalLoopbackTraffic: allowExternalLoopback,
}),
ipv6.NewProtocolWithOptions(ipv6.Options{
- DropExternalLoopbackTraffic: dropExternalLoopback,
+ AllowExternalLoopbackTraffic: allowExternalLoopback,
}),
},
TransportProtocols: []stack.TransportProtocolFactory{icmp.NewProtocol4, icmp.NewProtocol6},