On Tue, Mar 06, 2012 at 03:52:46AM +0800, Marek Lindner wrote:
On Monday, March 05, 2012 15:51:51 Antonio Quartulli wrote:
in case of a broadcast packet, the result of the ap_isolated check is always false (since we have no ff:ff:ff:ff:ff:ff client to check for TT_CLIENT_WIFI), therefore we can avoid searching the translation table and we can return false directly
How about also checking the source address ?
Actually I assumed that "legal" data only is passed to this function and so there should be no need to check for the source address as well.
But I think this assumption is wrong, right? Actually the "internal" data of a unicast/broadcast packet is never checked and so I should not assume that the addresses passed to this function are legal.
You probably also should add similar checks for tt_local_add() ?
Yep, we probably want to have the same checks in tt_local_add() because a wired client could send any spoofed packet and we should protect our tables from them.
Or do we have "legal" cases in which we announce multicast addresses ?
Not that I know (right now)
Cheers, and greetings from Bruxelles