radvd: ignore requests from other interfaces than the configured one

Announcing networks into uplinks is never a good idea 🙈
2022-06-08 17:42:55 +02:00 · 2022-06-08 17:42:55 +02:00 · 225c8e6abd
commit 225c8e6abd
parent f4dd972e54
1 changed files with 5 additions and 0 deletions
--- a/internal/radvd/radvd.go
+++ b/internal/radvd/radvd.go
@ -19,6 +19,7 @@ import (
 	"log"
 	"net"
 	"net/netip"
+	"strings"
 	"sync"
 	"time"

@ -93,6 +94,10 @@ func (s *Server) Serve(ifname string, conn net.PacketConn) error {
 		if err != nil {
 			return err
 		}
+		if !strings.HasSuffix(addr.String(), "%"+ifname) {
+			log.Printf("ignoring off-interface request from %v", addr)
+			continue
+		}
 		// TODO: isn’t this guaranteed by the filter above?
 		if n == 0 ||
 			ipv6.ICMPType(buf[0]) != ipv6.ICMPTypeRouterSolicitation {