From 4ac1a263960dd8d535dcc15f30856d07c01ac2e4 Mon Sep 17 00:00:00 2001 From: fendo Date: Sun, 17 Mar 2013 20:14:05 +0100 Subject: [PATCH] Fix possible IPv6 spoofing --- ppp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ppp.c b/ppp.c index 893ceb9..bd70e4d 100644 --- a/ppp.c +++ b/ppp.c @@ -2244,7 +2244,7 @@ void processipv6in(sessionidt s, tunnelidt t, uint8_t *p, uint16_t l) return; // no spoof - if (ipv4 != session[s].ip && memcmp(&config->ipv6_prefix, &ip, 8) && sessionbyipv6(ip) != s) + if ((ipv4 != session[s].ip || memcmp(&config->ipv6_prefix, &ip, 8)) && sessionbyipv6(ip) != s) { char str[INET6_ADDRSTRLEN]; LOG(5, s, t, "Dropping packet with spoofed IP %s\n", -- 2.20.1