Subject: Re: Should loose source routing be enabled if not IPFORWARDING?
To: Mark P. Gooderum <mark@nirvana.good.com>
From: Darren Reed <darrenr@vitruvius.arbld.unimelb.edu.au>
List: current-users
Date: 12/15/1994 17:40:33
In some email I received from Mark P. Gooderum, they wrote:
>
> > > None of the legitimate uses of source routing have any need to pass through
> > > a box that has GATEWAY off.
> >
> > I consider "traceroute -g intermediary destination" to be a legitimate use
> > of source routing, even when the intermediary is a non-routing host.
>
> If it's a non-routing source, what business do your packets have passing
> through the box?
They don't always go _through_.
> > When GATEWAY is off, the box should not pass packets in one interface and
> > out another, but I think it could still pass LSRR and SSRR packets in one
> > interface and back out the same interface; there could be another option
> > to disable that too (for use in firewalls etc.).
>
> This is a nice concept but has a big problem. The ip_input() routine
> (the function that decides to route or drop or accept as local any incoming
> IP packet) has no sure knowledge of which interface that packet actually
> came in on. The link layer device (ethernet, slip, ppp, etc), throws the
> incoming packet on the protocol input queue and schedules a software
> interrupt. That packet is an mbuf of the actual packet, there is no link
> to the interface and no MAC/Link layer header (the bpf device is a special
> case that is handled in the link layer device driver). The IP layer can
> try to guess based on routing, but it's just that, a guess. Maybe a good
> guess in a simple us and them inside/outside routing situation, but even that
> assumes no forged packets...BIG and bad assumption to make if you are
> actually worried about security.
>
> So ip_input() and the routing routines don't know for sure where a packet
> came from. Thus, if you want to be really sure of not passing packets, you
> have to not forward *any* packets.
Rubbish.
RTFS.
/*
* Do option processing on a datagram,
* possibly discarding it if bad options are encountered,
* or forwarding it if source-routed.
* Returns 1 if packet has been forwarded/freed,
* 0 if the packet should be processed further.
*/
int
ip_dooptions(m, ifp)
struct mbuf *m;
struct ifnet *ifp;
{
...
What do you think ifp is ?
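The policy being argued about (pass an LSRR/SSRR datagram back out the interface it arrived on, but not across interfaces when forwarding is off) is easy to sketch once the incoming interface is known. The following C is an added example written for this page; it is not code from the original message or from any BSD kernel. struct ifnet_stub is a hypothetical stand-in for the kernel's struct ifnet, the option codes are the RFC 791 values, and the interface address (10.1.1.2/24) and the 32-byte packet are constructed for the demo rather than captured. The option walker also shows the two length checks a real ip_dooptions() must make: an option length that runs past the header, and a source-route pointer that points past the end of its own option.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define IPOPT_EOL   0
#define IPOPT_NOP   1
#define IPOPT_LSRR  0x83   /* loose source and record route (RFC 791) */
#define IPOPT_SSRR  0x89   /* strict source and record route (RFC 791) */

/* Hypothetical stand-in for struct ifnet: only what is needed to tell whether
 * the next hop sits on the interface the datagram arrived on. */
struct ifnet_stub {
    const char *name;
    uint32_t addr;   /* interface address, host byte order */
    uint32_t mask;   /* netmask, host byte order */
};

enum verdict {
    V_LOCAL = 0,            /* no (remaining) source route: deliver locally */
    V_FORWARD_SAME_IF = 1,  /* next hop reachable on the arrival interface */
    V_FORWARD_OTHER_IF = 2, /* next hop elsewhere and forwarding is on */
    V_DROP_BAD = 3,         /* malformed option */
    V_DROP_NOFWD = 4        /* would cross interfaces with forwarding off */
};

static uint32_t load32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Walk the IPv4 options of pkt. ifp is the interface the datagram came in on.
 * For an unexhausted source route, *next_hop receives the next address. */
enum verdict ip_dooptions_stub(const uint8_t *pkt, size_t pktlen,
                               const struct ifnet_stub *ifp, int ipforwarding,
                               uint32_t *next_hop)
{
    if (pktlen < 20 || (pkt[0] >> 4) != 4) return V_DROP_BAD;
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;
    if (hlen < 20 || hlen > pktlen) return V_DROP_BAD;

    const uint8_t *opt = pkt + 20, *end = pkt + hlen;
    while (opt < end) {
        uint8_t type = opt[0];
        if (type == IPOPT_EOL) break;
        if (type == IPOPT_NOP) { opt++; continue; }
        if (end - opt < 2) return V_DROP_BAD;
        size_t len = opt[1];
        if (len < 2 || len > (size_t)(end - opt)) return V_DROP_BAD; /* runs past header */
        if (type == IPOPT_LSRR || type == IPOPT_SSRR) {
            if (len < 3) return V_DROP_BAD;
            size_t ptr = opt[2];                    /* 1-based offset of next address */
            if (ptr < 4) return V_DROP_BAD;
            if (ptr > len) { opt += len; continue; } /* route exhausted: we are the destination */
            if (ptr + 3 > len) return V_DROP_BAD;    /* pointer past end of option */
            uint32_t hop = load32(opt + ptr - 1);
            if (next_hop) *next_hop = hop;
            if (((hop ^ ifp->addr) & ifp->mask) == 0) return V_FORWARD_SAME_IF;
            return ipforwarding ? V_FORWARD_OTHER_IF : V_DROP_NOFWD;
        }
        opt += len;
    }
    return V_LOCAL;
}

/* Constructed sample (not a capture): 32-byte header, IHL 8, one LSRR option
 * with two hops, pointer at the first. Checksum is left zero; not verified here. */
static const uint8_t sample_lsrr[32] = {
    0x48, 0x00, 0x00, 0x20,   /* ver 4, IHL 8, TOS 0, total length 32 */
    0x00, 0x00, 0x00, 0x00,   /* id, flags, fragment offset */
    0x40, 0x11, 0x00, 0x00,   /* TTL 64, UDP, checksum */
    10, 1, 1, 1,              /* source 10.1.1.1 */
    10, 1, 1, 2,              /* destination 10.1.1.2 (the intermediary) */
    0x83, 11, 4,              /* LSRR, length 11, pointer 4 */
    10, 1, 1, 3,              /* hop 1: 10.1.1.3, same subnet as le0 */
    192, 0, 2, 1,             /* hop 2: 192.0.2.1, elsewhere */
    0x00                      /* EOL padding */
};

/* Run the sample through the stub with a chosen pointer and forwarding flag. */
enum verdict run_sample(uint8_t pointer, int ipforwarding, uint32_t *next_hop)
{
    static const struct ifnet_stub le0 = { "le0", 0x0a010102u, 0xffffff00u }; /* 10.1.1.2/24 */
    uint8_t pkt[32];
    memcpy(pkt, sample_lsrr, sizeof pkt);
    pkt[22] = pointer;
    return ip_dooptions_stub(pkt, sizeof pkt, &le0, ipforwarding, next_hop);
}

uint32_t sample_next_hop(uint8_t pointer)
{
    uint32_t hop = 0;
    run_sample(pointer, 0, &hop);
    return hop;
}

/* Same packet with the LSRR length forged to overrun the header. */
enum verdict run_sample_badlen(void)
{
    static const struct ifnet_stub le0 = { "le0", 0x0a010102u, 0xffffff00u };
    uint8_t pkt[32];
    memcpy(pkt, sample_lsrr, sizeof pkt);
    pkt[21] = 20;
    return ip_dooptions_stub(pkt, sizeof pkt, &le0, 0, NULL);
}

int main(void)
{
    uint32_t hop = 0;
    enum verdict v = run_sample(4, 0, &hop);
    printf("forwarding off, pointer 4: verdict %d, next hop %u.%u.%u.%u\n", (int)v,
           (unsigned)(hop >> 24), (unsigned)((hop >> 16) & 0xff),
           (unsigned)((hop >> 8) & 0xff), (unsigned)(hop & 0xff));
    printf("forwarding off, pointer 8: verdict %d\n", (int)run_sample(8, 0, NULL));
    return 0;
}
```

With forwarding off, the first hop (on le0's own subnet) is passed back out le0, while the second hop (off-subnet) is dropped; turning forwarding on lets the second hop through. The "same interface" test here is a subnet match against the arrival interface, which is the piece ip_dooptions() can only do because the link layer hands it ifp.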