From 6ae83404afcfdcc02966487973eef354969984f5 Mon Sep 17 00:00:00 2001
From: Ghanan Gowripalan <ghanan@google.com>
Date: Tue, 29 Sep 2020 16:52:14 -0700
Subject: Don't allow broadcast/multicast source address

As per relevant IP RFCS (see code comments), broadcast (for IPv4) and
multicast addresses are not allowed. Currently checks for these are
done at the transport layer, but since it is explicitly forbidden at
the IP layers, check for them there.

This change also removes the UDP.InvalidSourceAddress stat since there
is no longer a need for it.

Test: ip_test.TestSourceAddressValidation
PiperOrigin-RevId: 334490971
---
 pkg/tcpip/tcpip.go | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'pkg/tcpip/tcpip.go')

diff --git a/pkg/tcpip/tcpip.go b/pkg/tcpip/tcpip.go
index 0d4a803ff..c42bb0991 100644
--- a/pkg/tcpip/tcpip.go
+++ b/pkg/tcpip/tcpip.go
@@ -1622,9 +1622,6 @@ type UDPStats struct {
 
 	// ChecksumErrors is the number of datagrams dropped due to bad checksums.
 	ChecksumErrors *StatCounter
-
-	// InvalidSourceAddress is the number of invalid sourced datagrams dropped.
-	InvalidSourceAddress *StatCounter
 }
 
 // Stats holds statistics about the networking stack.
-- 
cgit v1.2.3