diff options
author | Tom Gundersen <teg@jklm.no> | 2014-04-06 19:35:36 +0200 |
---|---|---|
committer | Tom Gundersen <teg@jklm.no> | 2014-04-06 19:42:11 +0200 |
commit | 0c79c68d93d721d37ba088fb50dbf07bb0d447e5 (patch) | |
tree | 597fbd5e1524af6e0479ceea2813e20148aea653 /src/libsystemd-network/dhcp-network.c | |
parent | 3b7ca119fdc501e21f017695dc9b6f82fdbd1d93 (diff) |
sd-dhcp-client: eagerly drop too small packets
If they are too small to fit the IP+UDP+DHCP headers they can be of no use, so
don't waste resources parsing them. This is at the cost of losing some verbosity
in the logging.
Diffstat (limited to 'src/libsystemd-network/dhcp-network.c')
-rw-r--r-- | src/libsystemd-network/dhcp-network.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/libsystemd-network/dhcp-network.c b/src/libsystemd-network/dhcp-network.c index 8bfb2d50af..a9a15b4d5a 100644 --- a/src/libsystemd-network/dhcp-network.c +++ b/src/libsystemd-network/dhcp-network.c @@ -34,11 +34,14 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link) { struct sock_filter filter[] = { + BPF_STMT(BPF_LD + BPF_W + BPF_LEN, 0), /* A <- packet length */ + BPF_JUMP(BPF_JMP + BPF_JGE + BPF_K, sizeof(DHCPPacket), 1, 0), /* packet >= DHCPPacket ? */ + BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(DHCPPacket, ip.protocol)), /* A <- IP protocol */ - BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 1, 0), /* IP protocol = UDP? */ + BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 1, 0), /* IP protocol == UDP ? */ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(DHCPPacket, udp.dest)), /* A <- UDP destination port */ - BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_PORT_CLIENT, 1, 0), /* UDP destination port = DHCP client? */ + BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, DHCP_PORT_CLIENT, 1, 0), /* UDP destination port == DHCP client port ? */ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ BPF_STMT(BPF_RET + BPF_K, 65535), /* return all */ }; |