[PATCH 09/21] netlink: Be more conservative about ICMP errors

Ian Jackson ijackson at chiark.greenend.org.uk
Thu Apr 24 02:37:28 BST 2014


Default to not sending ICMP error messages for unknown incoming ICMP
type codes.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
 debian/changelog |    1 +
 netlink.c        |   14 +++++++++++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 33b7c0b..fe6caae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ secnet (0.3.1~~unstable) unstable; urgency=low
   * Additions to the test-example suite.
   * SECURITY: Fixes to MTU and fragmentation handling.
   * SECURITY: Correctly set "unused" ICMP header field.
+  * Do not send ICMP errors in response to unknown incoming ICMP.
 
  --
 
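Review bot: the changelog entry understates what the netlink.c hunk does. The code now replies only to ICMP Echo, Echo Reply, Timestamp and Timestamp Reply (types 0, 8, 13, 14) and refuses every other type, not just "unknown" ones, so wording such as "Only send ICMP errors in response to ICMP echo and timestamp requests/replies" would match the behaviour. The two entries just above it about ICMP handling are tagged SECURITY; since this entry also narrows what the daemon emits in response to packets chosen by a remote peer, consider the same tag for consistency.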
diff --git a/netlink.c b/netlink.c
index 87b6671..d420f7b 100644
--- a/netlink.c
+++ b/netlink.c
@@ -304,9 +304,17 @@ static bool_t netlink_icmp_may_reply(struct buffer_if *buf)
     icmph=(struct icmphdr *)buf->start;
     if (iph->protocol==1) {
 	switch(icmph->type) {
-	case 3: /* Destination unreachable */
-	case 11: /* Time Exceeded */
-	case 12: /* Parameter Problem */
+	    /* Based on http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types
+	     * as retrieved Thu, 20 Mar 2014 00:16:44 +0000.
+	     * Deprecated, reserved, unassigned and experimental
+	     * options are treated as not safe to reply to.
+	     */
+	case 0: /* Echo Reply */
+	case 8: /* Echo */
+	case 13: /* Timestamp */
+	case 14: /* Timestamp Reply */
+	    return True;
+	default:
 	    return False;
 	}
     }
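Review bot: the block comment inside the `switch` says that only deprecated, reserved, unassigned and experimental types are treated as not safe to reply to, but the `default:` label also refuses assigned, current types such as 9 (Router Advertisement) and 10 (Router Solicitation, both RFC 1256), as well as the error types 3, 11 and 12 that the removed `case` lines handled explicitly. Reword the comment to say that replies are permitted only for the four query/reply types listed and that everything else is refused, so a later reader does not assume the list tracks the IANA registry. It is also worth keeping a one-line note that error messages must never trigger an ICMP error (RFC 1122 section 3.2.2), since that intent was visible in the old `case 3:` / `case 11:` / `case 12:` lines and is now implicit in `default:`.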
-- 
1.7.10.4

More information about the sgo-software-discuss mailing list