From: Guus Sliepen Date: Mon, 25 May 2009 13:04:33 +0000 (+0200) Subject: Do not forward broadcast packets when TunnelServer is enabled. X-Git-Tag: release-1.0.10~61 X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=4e9e3ca89dba68cbacaaa15ddfb298b181a969da;p=tinc Do not forward broadcast packets when TunnelServer is enabled. First of all, the idea behind the TunnelServer option is to hide all other nodes from each other, so we shouldn't forward broadcast packets from them anyway. The other reason is that since edges from other nodes are ignored, the calculated minimum spanning tree might not be correct, which can result in routing loops. --- diff --git a/src/net_packet.c b/src/net_packet.c index 28cf161e..40d94518 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -488,9 +488,15 @@ void broadcast_packet(const node_t *from, vpn_packet_t *packet) ifdebug(TRAFFIC) logger(LOG_INFO, _("Broadcasting packet of %d bytes from %s (%s)"), packet->len, from->name, from->hostname); - if(from != myself) + if(from != myself) { send_packet(myself, packet); + // In TunnelServer mode, do not forward broadcast packets. + // The MST might not be valid and create loops. + if(tunnelserver) + return; + } + for(node = connection_tree->head; node; node = node->next) { c = node->data;