diff options
| author |   Ole Troan <ot@cisco.com> | 2018-09-28 14:27:24 +0200 |
|---|---|---|
| committer |   Neale Ranns <nranns@cisco.com> | 2018-09-28 15:05:07 +0000 |
| commit | 639f573dcaac505f137d305e4d7eb1b82eebb73d (patch) | |
| tree | ce4a3d770f9590dc588127c189f9779024ba5946 | |
| parent | 6a5bc5173a9050e0e038638b7eac5a0c9ecf5c7d (diff) | |
IP ttl check in ip4-input missing for single packet path.
Change-Id: Idc17b2f8794d37cd3242a97395ab56bd633ca575
Signed-off-by: Ole Troan <ot@cisco.com>
| -rw-r--r-- | src/vnet/ip/ip4_input.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/vnet/ip/ip4_input.h b/src/vnet/ip/ip4_input.h index 880896e6430..5df2154b2c3 100644 --- a/src/vnet/ip/ip4_input.h +++ b/src/vnet/ip/ip4_input.h @@ -290,6 +290,9 @@ ip4_input_check_x1 (vlib_main_t * vm, check_ver_opt_csum (ip0, &error0, verify_checksum); + if (PREDICT_FALSE (ip0->ttl < 1)) + error0 = IP4_ERROR_TIME_EXPIRED; + /* Drop fragmentation offset 1 packets. */ error0 = ip4_get_fragment_offset (ip0) == 1 ? IP4_ERROR_FRAGMENT_OFFSET_ONE : error0; |