added code to check ip version

liy-admin · Aug 4, 2018 · 6966396 · 6966396
1 parent ee7a6cd
commit 6966396
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 10 deletions.
diff --git a/main.cpp b/main.cpp
@@ -49,7 +49,8 @@ static void print_help()
 	printf("                                          default value: 0. do not use if you dont know what it means.\n");
 	printf("    --random-drop         <number>        simulate packet loss, unit: 0.01%%. default value: 0\n");
 	printf("    --disable-obscure     <number>        disable obscure, to save a bit bandwidth and cpu\n");
-//	printf("    --disable-xor         <number>        disable xor\n");
+	printf("    --disable-checksum    <number>        disable checksum to save a bit bandwdith and cpu\n");
+	printf("    --disable-xor         <number>        disable xor encryption to save a bit cpu\n");
 
 	printf("developer options:\n");
 	printf("    --tun-mtu             <number >       mtu of the tun interface,most time you shouldnt change this\n");

diff --git a/tun_dev.cpp b/tun_dev.cpp
@@ -134,9 +134,11 @@ int from_fec_to_normal2(conn_info_t & conn_info,dest_t &dest,char * data,int len
 		{
 			char * tmp_data=out_arr[i];
 			int tmp_len=out_len[i];
-			if(tmp_len>=20)
+			iphdr *  iph;
+			iph = (struct iphdr *) tmp_data;
+			if(tmp_len>=int(sizeof(iphdr))&&iph->version==4)
 			{
-				u32_t dest_ip=htonl(read_u32(tmp_data+16));
+				u32_t dest_ip=iph->daddr;
 				//printf("%s\n",my_ntoa(dest_ip));
 				if(  ( ntohl(sub_net_uint32)&0xFFFFFF00 ) !=  ( ntohl (dest_ip) &0xFFFFFF00) )
 				{
@@ -160,25 +162,29 @@ int do_mssfix(char * s,int len)
 	{
 		return 0;
 	}
-	if(len<20)
+
+	if(len<int(sizeof(iphdr)))
 	{
 		mylog(log_debug,"packet from tun len=%d <20\n",len);
 		return -1;
 	}
 	iphdr *  iph;
 	iph = (struct iphdr *) s;
+	if(iph->version!=4)
+	{
+		//mylog(log_trace,"not ipv4");
+		return 0;
+	}
+
 	if(iph->protocol!=IPPROTO_TCP)
 	{
 		//mylog(log_trace,"not tcp");
 		return 0;
 	}
 
-    if (!(iph->ihl > 0 && iph->ihl <=60)) {
-    	mylog(log_debug,"iph ihl error ihl= %u\n",(u32_t)iph->ihl);
-        return -1;
-    }
     int ip_len=ntohs(iph->tot_len);
     int ip_hdr_len=iph->ihl*4;
+
     if(len<ip_hdr_len)
     {
     	mylog(log_debug,"len<ip_hdr_len,%d %d\n",len,ip_hdr_len);
@@ -300,15 +306,21 @@ int do_mssfix(char * s,int len)
     	}
     	else
     	{
+
     		if(ptr+1>=option_end)
     		{
     			mylog(log_debug,"invaild option ptr+1==option_end\n");
     			return -1;
     		}
     		else
     		{
-    			//omit check
-    			ptr+=*(ptr+1);
+    			int len=(unsigned char)*(ptr+1);
+    			if(len<=1)
+    			{
+    				mylog(log_debug,"invaild option len %d\n",len);
+    				return -1;
+    			}
+    			ptr+=len;
     		}
     	}
     }