diff options
| author | Felix Fietkau <nbd@openwrt.org> | 2013-01-02 16:14:15 +0100 |
|---|---|---|
| committer | Felix Fietkau <nbd@openwrt.org> | 2013-01-02 16:14:15 +0100 |
| commit | 3c4d560581795dbb6c89ec9f08fade3adcc91024 (patch) | |
| tree | 1b3eb22330e00880921ef4888ad2a34616feee9e | |
| parent | 6dfd8f67760b977ec7e345aece872c2a40a3be1e (diff) | |
add rfc1918 filter check
| -rw-r--r-- | client.c | 17 |
1 files changed, 17 insertions, 0 deletions
@@ -172,8 +172,25 @@ static bool client_init_cb(struct client *cl, char *buf, int len) return true; } +static bool rfc1918_filter_check(struct client *cl) +{ + if (!conf.rfc1918_filter) + return true; + + if (!uh_addr_rfc1918(&cl->peer_addr) || uh_addr_rfc1918(&cl->srv_addr)) + return true; + + uh_client_error(cl, 403, "Forbidden", + "Rejected request from RFC1918 IP " + "to public server address"); + return false; +} + static void client_header_complete(struct client *cl) { + if (!rfc1918_filter_check(cl)) + return; + uh_handle_request(cl); } |