sd-ndisc: drop RA packets from non-link-local addresses

See https://tools.ietf.org/html/rfc4861#section-4.2. Some routers (dnsmasq) will send packets from global addresses, which would break the default route setup, so ignore those. This is also what the kernel does.
author: Tom Gundersen <teg@jklm.no> 2015-11-19 01:23:24 +0100
committer: Tom Gundersen <teg@jklm.no> 2015-11-19 01:25:40 +0100
commit: 3ccd316353532ff60326e91153677c308c032ecb (patch)
tree: f061178b11059bae8233c6341ee2b058e9ae678f /src/libsystemd-network/sd-ndisc.c
parent: 81ec9ce4a71e44c29231d813b8847ebafc11b36e (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c
index 6703d87bc4..3bb06f6892 100644
--- a/src/libsystemd-network/sd-ndisc.c
+++ b/src/libsystemd-network/sd-ndisc.c
@@ -508,6 +508,9 @@ static int ndisc_router_advertisment_recv(sd_event_source *s, int fd, uint32_t r
                 return 0;
         }
 
+        if (!in_addr_is_link_local(AF_INET6, (const union in_addr_union*) &router.in6.sin6_addr))
+                return 0;
+
         if (ra->nd_ra_type != ND_ROUTER_ADVERT)
                 return 0;
author	Tom Gundersen <teg@jklm.no>	2015-11-19 01:23:24 +0100
committer	Tom Gundersen <teg@jklm.no>	2015-11-19 01:25:40 +0100
commit	3ccd316353532ff60326e91153677c308c032ecb (patch)
tree	f061178b11059bae8233c6341ee2b058e9ae678f /src/libsystemd-network/sd-ndisc.c
parent	81ec9ce4a71e44c29231d813b8847ebafc11b36e (diff)