ipcpd: Reject outbound packets on eth

AF_PACKET under `tc netem duplicate`, produces an extra
PACKET_OUTGOING frame at the source that receive path didn't reject.

Read with recvfrom(2) and discard frames whose sll_pkttype is
PACKET_OUTGOING.  Restores the dst-MAC check body (defense in depth,
also bumps n_bad_id) so any frame addressed neither to us nor the
broadcast MAC is dropped before flow lookup.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>

0 files changed, 0 insertions, 0 deletions