aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net/slirp.c12
-rw-r--r--slirp/tcp_input.c26
2 files changed, 22 insertions, 16 deletions
diff --git a/net/slirp.c b/net/slirp.c
index b3f35d5..124e953 100644
--- a/net/slirp.c
+++ b/net/slirp.c
@@ -212,19 +212,19 @@ static int net_slirp_init(NetClientState *peer, const char *model,
return -1;
}
- if (vdhcp_start && !inet_aton(vdhcp_start, &dhcp)) {
+ if (vnameserver && !inet_aton(vnameserver, &dns)) {
return -1;
}
- if ((dhcp.s_addr & mask.s_addr) != net.s_addr ||
- dhcp.s_addr == host.s_addr || dhcp.s_addr == dns.s_addr) {
+ if ((dns.s_addr & mask.s_addr) != net.s_addr ||
+ dns.s_addr == host.s_addr) {
return -1;
}
- if (vnameserver && !inet_aton(vnameserver, &dns)) {
+ if (vdhcp_start && !inet_aton(vdhcp_start, &dhcp)) {
return -1;
}
- if ((dns.s_addr & mask.s_addr) != net.s_addr ||
- dns.s_addr == host.s_addr) {
+ if ((dhcp.s_addr & mask.s_addr) != net.s_addr ||
+ dhcp.s_addr == host.s_addr || dhcp.s_addr == dns.s_addr) {
return -1;
}
diff --git a/slirp/tcp_input.c b/slirp/tcp_input.c
index 6440eae..f946db8 100644
--- a/slirp/tcp_input.c
+++ b/slirp/tcp_input.c
@@ -316,16 +316,6 @@ tcp_input(struct mbuf *m, int iphlen, struct socket *inso)
m->m_data += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
m->m_len -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
- if (slirp->restricted) {
- for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
- if (ex_ptr->ex_fport == ti->ti_dport &&
- ti->ti_dst.s_addr == ex_ptr->ex_addr.s_addr) {
- break;
- }
- }
- if (!ex_ptr)
- goto drop;
- }
/*
* Locate pcb for segment.
*/
@@ -355,6 +345,22 @@ findso:
* as if it was LISTENING, and continue...
*/
if (so == NULL) {
+ if (slirp->restricted) {
+ /* Any hostfwds will have an existing socket, so we only get here
+ * for non-hostfwd connections. These should be dropped, unless it
+ * happens to be a guestfwd.
+ */
+ for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
+ if (ex_ptr->ex_fport == ti->ti_dport &&
+ ti->ti_dst.s_addr == ex_ptr->ex_addr.s_addr) {
+ break;
+ }
+ }
+ if (!ex_ptr) {
+ goto dropwithreset;
+ }
+ }
+
if ((tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) != TH_SYN)
goto dropwithreset;