drop proxied incoming packets if the source IP doesn't match the proxy

2010-08-20 07:13:05 +00:00 · 2010-08-20 07:13:05 +00:00 · d1d6814e2f
parent bdee276a98
commit d1d6814e2f
1 changed files with 8 additions and 4 deletions
--- a/src/udp_socket.cpp
+++ b/src/udp_socket.cpp
@ -252,10 +252,12 @@ void udp_socket::on_read(udp::socket* s, error_code const& e, std::size_t bytes_
 		try {
 #endif

-		if (m_tunnel_packets && m_v4_ep == m_proxy_addr)
+		if (m_tunnel_packets)
 		{
 			l.unlock();
-			unwrap(e, m_v4_buf, bytes_transferred);
+			// if the source IP doesn't match the proxy's, ignore the packet
+			if (m_v4_ep == m_proxy_addr)
+				unwrap(e, m_v4_buf, bytes_transferred);
 		}
 		else
 		{
@ -280,10 +282,12 @@ void udp_socket::on_read(udp::socket* s, error_code const& e, std::size_t bytes_
 		try {
 #endif

-		if (m_tunnel_packets && m_v6_ep == m_proxy_addr)
+		if (m_tunnel_packets)
 		{
 			l.unlock();
-			unwrap(e, m_v6_buf, bytes_transferred);
+			// if the source IP doesn't match the proxy's, ignore the packet
+			if (m_v6_ep == m_proxy_addr)
+				unwrap(e, m_v6_buf, bytes_transferred);
 		}
 		else
 		{