Commit 113d2b3f authored by Jonathon Duerig's avatar Jonathon Duerig

Added an explicit check for IP addresses using reserved or broadcast IP...

Added an explicit check for IP addresses using reserved or broadcast IP addresses. Currently, this only checks for addresses which have a host portion with all '0' bits or all '1' bits.
parent cbde5a67
......@@ -670,6 +670,18 @@ LanLink instproc set_fixed_iface {node iface} {
}
}
# Check the IP address against its mask and ensure that the host
# portion of the IP address is not all '0's (reserved) or all '1's
# (broadcast).
LanLink instproc check-ip-mask {ip mask} {
set ipint [inet_atohl $ip]
set maskint [inet_atohl $mask]
set maskinverse [expr (~ $maskint)]
set remainder [expr ($ipint & $maskinverse)]
if {$remainder == 0 || $remainder == $maskinverse} {
perror "\[check-ip-mask] IP address $ip with netmask $mask has either all '0's (reserved) or all '1's (broadcast) in the host portion of the address."
}
}
Link instproc updatedb {DB} {
$self instvar toqueue
......@@ -752,6 +764,8 @@ Link instproc updatedb {DB} {
set port [lindex $nodeport 1]
set ip [$node ip $port]
$self check-ip-mask $ip $netmask
set nodeportraw [join $nodeport ":"]
set fields [list "vname" "member" "mask" "delay" "rdelay" "bandwidth" "rbandwidth" "lossrate" "rlossrate" "cost" "widearea" "emulated" "uselinkdelay" "nobwshaping" "encap_style" "q_limit" "q_maxthresh" "q_minthresh" "q_weight" "q_linterm" "q_qinbytes" "q_bytes" "q_meanpsize" "q_wait" "q_setbit" "q_droptail" "q_red" "q_gentle" "trivial_ok" "protocol" "vnode" "vport" "ip" "mustdelay"]
......@@ -907,6 +921,8 @@ Lan instproc updatedb {DB} {
set port [lindex $nodeport 1]
set ip [$node ip $port]
$self check-ip-mask $ip $netmask
set nodeportraw [join $nodeport ":"]
set is_accesspoint 0
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment