From 3c4d560581795dbb6c89ec9f08fade3adcc91024 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Wed, 2 Jan 2013 16:14:15 +0100 Subject: [PATCH] add rfc1918 filter check --- client.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/client.c b/client.c index 1b9c524..3dc40e8 100644 --- a/client.c +++ b/client.c @@ -172,8 +172,25 @@ static bool client_init_cb(struct client *cl, char *buf, int len) return true; } +static bool rfc1918_filter_check(struct client *cl) +{ + if (!conf.rfc1918_filter) + return true; + + if (!uh_addr_rfc1918(&cl->peer_addr) || uh_addr_rfc1918(&cl->srv_addr)) + return true; + + uh_client_error(cl, 403, "Forbidden", + "Rejected request from RFC1918 IP " + "to public server address"); + return false; +} + static void client_header_complete(struct client *cl) { + if (!rfc1918_filter_check(cl)) + return; + uh_handle_request(cl); } -- 2.30.2