drop proxied incoming packets if the source IP doesn't match the proxy
This commit is contained in:
parent
bdee276a98
commit
d1d6814e2f
|
@ -252,10 +252,12 @@ void udp_socket::on_read(udp::socket* s, error_code const& e, std::size_t bytes_
|
||||||
try {
|
try {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (m_tunnel_packets && m_v4_ep == m_proxy_addr)
|
if (m_tunnel_packets)
|
||||||
{
|
{
|
||||||
l.unlock();
|
l.unlock();
|
||||||
unwrap(e, m_v4_buf, bytes_transferred);
|
// if the source IP doesn't match the proxy's, ignore the packet
|
||||||
|
if (m_v4_ep == m_proxy_addr)
|
||||||
|
unwrap(e, m_v4_buf, bytes_transferred);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -280,10 +282,12 @@ void udp_socket::on_read(udp::socket* s, error_code const& e, std::size_t bytes_
|
||||||
try {
|
try {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (m_tunnel_packets && m_v6_ep == m_proxy_addr)
|
if (m_tunnel_packets)
|
||||||
{
|
{
|
||||||
l.unlock();
|
l.unlock();
|
||||||
unwrap(e, m_v6_buf, bytes_transferred);
|
// if the source IP doesn't match the proxy's, ignore the packet
|
||||||
|
if (m_v6_ep == m_proxy_addr)
|
||||||
|
unwrap(e, m_v6_buf, bytes_transferred);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue