Fix possible IPv6 spoofing

[l2tpns.git] / ppp.c

diff --git a/ppp.c b/ppp.c
index a8a355d..bd70e4d 100644 (file)
--- a/ppp.c
+++ b/ppp.c
@@ -1769,7 +1769,7 @@ void processipin(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
        if (!session[s].bundle || bundle[session[s].bundle].num_of_links < 2) // FIXME: 
        {
                // no spoof (do sessionbyip to handled statically routed subnets)
-               if (ip != session[s].ip && sessionbyip(htonl(ip)) != s)
+               if (!config->disable_no_spoof && ip != session[s].ip && sessionbyip(htonl(ip)) != s)
                {
                        LOG(4, s, t, "Dropping packet with spoofed IP %s\n", fmtaddr(htonl(ip), 0));
                        return;
@@ -2244,7 +2244,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l)
                return;
 
        // no spoof
-       if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s)
+       if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s)
        {
                char str[INET6_ADDRSTRLEN];
                LOG(5, s, t, "Dropping packet with spoofed IP %s\n",