From faf7d93f34f588e0a8b1f1acc9ab421702831dc4 Mon Sep 17 00:00:00 2001
From: Dmitry Kozlov <xeb@mail.ru>
Date: Wed, 8 Sep 2021 16:59:16 +0300
Subject: ipoe: check for local-net in arp requests

---
 accel-pppd/ctrl/ipoe/arp.c          |  3 +++
 accel-pppd/ctrl/ipoe/ipoe.c         | 20 +++++++++++++++++++-
 accel-pppd/ctrl/ipoe/ipoe.h         |  2 ++
 accel-pppd/ctrl/ipoe/ipoe_netlink.c |  2 --
 4 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/accel-pppd/ctrl/ipoe/arp.c b/accel-pppd/ctrl/ipoe/arp.c
index 4f9669b..fa6858d 100644
--- a/accel-pppd/ctrl/ipoe/arp.c
+++ b/accel-pppd/ctrl/ipoe/arp.c
@@ -196,6 +196,9 @@ static int arp_read(struct triton_md_handler_t *h)
 		if (ah->ar_spa == 0)
 			continue;
 
+		if (!ipoe_check_localnet(ah->ar_spa))
+			continue;
+
 		t = &arp_tree[src.sll_ifindex & HASH_BITS];
 
 		parent = NULL;
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
index 2645fbc..dbc3f19 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.c
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -237,6 +237,21 @@ static void ipoe_ctx_switch(struct triton_context_t *ctx, void *arg)
 	log_switch(ctx, arg);
 }
 
+int ipoe_check_localnet(in_addr_t addr)
+{
+	struct local_net *n;
+
+	if (list_empty(&local_nets))
+		return 1;
+
+	list_for_each_entry(n, &local_nets, entry) {
+		if ((addr & n->mask) == n->addr)
+			return 1;
+	}
+
+	return 0;
+}
+
 static struct ipoe_session *ipoe_session_lookup(struct ipoe_serv *serv, struct dhcpv4_packet *pack, struct ipoe_session **opt82_ses)
 {
 	struct ipoe_session *ses, *res = NULL;
@@ -3731,6 +3746,9 @@ static void parse_local_net(const char *opt)
 		mask = 24;
 	}
 
+	mask = htonl(mask ? ~0 << (32 - mask) : 0);
+	addr = addr & mask;
+
 	list_for_each_entry(n, &local_nets, entry) {
 		if (n->addr == addr && n->mask == mask) {
 			n->active = 1;
@@ -3744,7 +3762,7 @@ static void parse_local_net(const char *opt)
 	n->active = 1;
 	list_add_tail(&n->entry, &local_nets);
 
-	ipoe_nl_add_net(addr, mask);
+	ipoe_nl_add_net(addr, ntohl(mask));
 
 	return;
 
diff --git a/accel-pppd/ctrl/ipoe/ipoe.h b/accel-pppd/ctrl/ipoe/ipoe.h
index 933a2c9..75948b1 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.h
+++ b/accel-pppd/ctrl/ipoe/ipoe.h
@@ -161,5 +161,7 @@ void *arpd_start(struct ipoe_serv *ipoe);
 void arpd_stop(void *arp);
 void arp_send(int ifindex, struct _arphdr *arph, int bc);
 
+int ipoe_check_localnet(in_addr_t addr);
+
 #endif
 
diff --git a/accel-pppd/ctrl/ipoe/ipoe_netlink.c b/accel-pppd/ctrl/ipoe/ipoe_netlink.c
index e42bf34..e7080e9 100644
--- a/accel-pppd/ctrl/ipoe/ipoe_netlink.c
+++ b/accel-pppd/ctrl/ipoe/ipoe_netlink.c
@@ -122,8 +122,6 @@ int ipoe_nl_add_net(uint32_t addr, int mask)
 	ghdr = NLMSG_DATA(&req.n);
 	ghdr->cmd = IPOE_CMD_ADD_NET;
 
-	mask = mask ? ~0 << (32 - mask) : 0;
-
 	addattr32(nlh, 1024, IPOE_ATTR_ADDR, addr);
 	addattr32(nlh, 1024, IPOE_ATTR_MASK, mask);
 
-- 
cgit v1.2.3