filter vlan and svlan packets by default.

author: dlg <dlg@openbsd.org> 2020-07-22 04:08:46 +0000
committer: dlg <dlg@openbsd.org> 2020-07-22 04:08:46 +0000
commit: 0f419ffabcb34b4f98b4d63408dda3cfb0034339 (patch)
tree: 38787014789459d809afc7af067a3e29cbb3232b /sys/net/if_tpmr.c
parent: Change tpmr(4) from ifconfig [-]trunkport to add|del synopsis (diff)
download: wireguard-openbsd-0f419ffabcb34b4f98b4d63408dda3cfb0034339.tar.xz
wireguard-openbsd-0f419ffabcb34b4f98b4d63408dda3cfb0034339.zip
1 files changed, 22 insertions, 1 deletions
diff --git a/sys/net/if_tpmr.c b/sys/net/if_tpmr.c
index b5debe57b21..e6b50e02065 100644
--- a/sys/net/if_tpmr.c
+++ b/sys/net/if_tpmr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_tpmr.c,v 1.13 2020/07/22 02:43:06 kn Exp $ */
+/*	$OpenBSD: if_tpmr.c,v 1.14 2020/07/22 04:08:46 dlg Exp $ */
 
 /*
  * Copyright (c) 2019 The University of Queensland
@@ -219,6 +219,23 @@ tpmr_clone_destroy(struct ifnet *ifp)
 }
 
 static int
+tpmr_vlan_filter(const struct mbuf *m)
+{
+	const struct ether_header *eh;
+
+	eh = mtod(m, struct ether_header *);
+	switch (ntohs(eh->ether_type)) {
+	case ETHERTYPE_VLAN:
+	case ETHERTYPE_QINQ:
+		return (1);
+	default:
+		break;
+	}
+
+	return (0);
+}
+
+static int
 tpmr_8021q_filter(const struct mbuf *m)
 {
 	const struct ether_header *eh;
@@ -313,6 +330,10 @@ tpmr_input(struct ifnet *ifp0, struct mbuf *m, void *brport)
 	}
 #endif
 
+	if (!ISSET(ifp->if_flags, IFF_LINK2) &&
+	    tpmr_vlan_filter(m))
+		goto drop;
+
 	if (!ISSET(ifp->if_flags, IFF_LINK0) &&
 	    tpmr_8021q_filter(m))
 		goto drop;
author	dlg <dlg@openbsd.org>	2020-07-22 04:08:46 +0000
committer	dlg <dlg@openbsd.org>	2020-07-22 04:08:46 +0000
commit	0f419ffabcb34b4f98b4d63408dda3cfb0034339 (patch)
tree	38787014789459d809afc7af067a3e29cbb3232b /sys/net/if_tpmr.c
parent	Change tpmr(4) from ifconfig [-]trunkport to add\|del synopsis (diff)
download	wireguard-openbsd-0f419ffabcb34b4f98b4d63408dda3cfb0034339.tar.xz wireguard-openbsd-0f419ffabcb34b4f98b4d63408dda3cfb0034339.zip