summaryrefslogtreecommitdiff
path: root/radsecproxy.c
diff options
context:
space:
mode:
Diffstat (limited to 'radsecproxy.c')
-rw-r--r--radsecproxy.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/radsecproxy.c b/radsecproxy.c
index da3e142..425378e 100644
--- a/radsecproxy.c
+++ b/radsecproxy.c
@@ -1869,6 +1869,12 @@ void radsrv(struct request *rq) {
goto exit;
}
+ if (options.rpf && !strcmp(rq->from->conf->name, to->conf->name)) {
+ debug(DBG_INFO, "radsrv: RPF failed, not forwarding request from client %s to server %s, discarding",
+ rq->from->conf->name, to->conf->name);
+ goto exit;
+ }
+
if (rqinqueue(to, rq->from, id, code)) {
debug(DBG_INFO, "radsrv: already got %s from host %s with id %d, ignoring",
radmsgtype2string(code), rq->from->conf->host, id);
@@ -3082,6 +3088,7 @@ void getmainconfig(const char *configfile) {
"SourceTCP", CONF_STR, &options.sourcetcp,
"LogLevel", CONF_STR, &loglevel,
"LogDestination", CONF_STR, &options.logdestination,
+ "RPFCheck", CONF_BLN, &options.rpf,
"Client", CONF_CBK, confclient_cb,
"Server", CONF_CBK, confserver_cb,
"Realm", CONF_CBK, confrealm_cb,
generated by cgit v1.1 at 2024-12-26 19:31:08 +0000