The branch main has been updated by tuexen:
URL:
https://cgit.FreeBSD.org/src/commit/?id=16587f60a69820f1a319644da4ec1a40efbcbdf0
commit 16587f60a69820f1a319644da4ec1a40efbcbdf0
Author: Michael Tuexen <tue...@freebsd.org>
AuthorDate: 2025-06-13 20:57:16 +0000
Commit: Michael Tuexen <tue...@freebsd.org>
CommitDate: 2025-06-13 20:59:50 +0000
udp: fix local blackholing
The sysctl-variable net.inet.udp.blackhole_local should affect
UDP packets from an IPv6 address of the local host, not of a host on
the local area network.
Thanks to cc@ for pointing me to the issue.
Reviewed by: cc
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D50829
---
sys/netinet6/udp6_usrreq.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c
index c8f91fff2b76..304effa26e01 100644
--- a/sys/netinet6/udp6_usrreq.c
+++ b/sys/netinet6/udp6_usrreq.c
@@ -517,7 +517,7 @@ skip_checksum:
goto badunlocked;
}
if (V_udp_blackhole && (V_udp_blackhole_local ||
- !in6_localaddr(&ip6->ip6_src)))
+ !in6_localip(&ip6->ip6_src)))
goto badunlocked;
icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
*mp = NULL;
