[src/trunk]: src/sys/netinet don't transmit ICMPv4 packet back, if the origin...

[itojun <itojun%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/fa604878ac65
branches:  trunk
changeset: 482870:fa604878ac65
user:      itojun <itojun%NetBSD.org@localhost>
date:      Thu Feb 24 09:54:49 2000 +0000

description:
don't transmit ICMPv4 packet back, if the original packet was encyrpted.

diffstat:

 sys/netinet/ip_icmp.c |  5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diffs (23 lines):

diff -r f4baa6bf003d -r fa604878ac65 sys/netinet/ip_icmp.c
--- a/sys/netinet/ip_icmp.c     Thu Feb 24 06:33:47 2000 +0000
+++ b/sys/netinet/ip_icmp.c     Thu Feb 24 09:54:49 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_icmp.c,v 1.41 2000/02/17 10:59:35 darrenr Exp $     */
+/*     $NetBSD: ip_icmp.c,v 1.42 2000/02/24 09:54:49 itojun Exp $      */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -184,10 +184,13 @@
        if (type != ICMP_REDIRECT)
                icmpstat.icps_error++;
        /*
+        * Don't send error if the original packet was encrypted.
         * Don't send error if not the first fragment of message.
         * Don't error if the old packet protocol was ICMP
         * error message, only known informational types.
         */
+       if (n->m_flags & M_DECRYPTED)
+               goto freeit;
        if (oip->ip_off &~ (IP_MF|IP_DF))
                goto freeit;
        if (oip->ip_p == IPPROTO_ICMP && type != ICMP_REDIRECT &&