From owner-freebsd-questions@FreeBSD.ORG Sun Oct 17 05:27:53 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D8E66106566C for ; Sun, 17 Oct 2010 05:27:53 +0000 (UTC) (envelope-from nlandys@gmail.com) Received: from mail-qy0-f182.google.com (mail-qy0-f182.google.com [209.85.216.182]) by mx1.freebsd.org (Postfix) with ESMTP id 90B508FC08 for ; Sun, 17 Oct 2010 05:27:53 +0000 (UTC) Received: by qyk30 with SMTP id 30so2397865qyk.13 for ; Sat, 16 Oct 2010 22:27:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=5MbEkjmbh+T2lHGTvZjOjLU34pRTc47Pl2T9EJ0sHpg=; b=AMCt7xkQ+/ZfYmifRYTU/WnvDgalskN/IFHydiHB6YnUj6A0C3XlMPTqInlhQXcLkQ lHjqtukAy9B6EB/mhZE1YUacr86pjrIOYmwhPG93ZOqKlpUSaU/xEoc9HmBHaL/5NwMy UtfLjDftV/kv3jy6uF0PqE2AXk8g6I1T9Jaqc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=WDATHSUmSNmjvvz13G4ZUSSk/oyLaQMbT9845iWTQir13eXjrTYYgtB6MuwPabyvON xnsY60iL4LWeukXDGj6Na1FIjsQnIFAmGAlvKuKu0fx7v2TyVzV6Ay7OGqXVIiIx+Y6E HRdohXzdZQUS/DiKgb2/+7Fewx2ymMXanb7lM= MIME-Version: 1.0 Received: by 10.224.105.103 with SMTP id s39mr776960qao.7.1287291412975; Sat, 16 Oct 2010 21:56:52 -0700 (PDT) Received: by 10.229.219.74 with HTTP; Sat, 16 Oct 2010 21:56:52 -0700 (PDT) Date: Sat, 16 Oct 2010 21:56:52 -0700 Message-ID: From: Nerius Landys To: FreeBSD Mailing List Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: UDP packet spoofed LAN source address? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Oct 2010 05:27:53 -0000 This is really more of a networking question. I'm wondering, in a typical scenario, for example my server is in a data center with a typical colocation company. I am editing someone else's code, and this code handles incoming UDP packets. The code handles UDP packets that have a source address being from the LAN differently. It gives those packets special treatment. To check whether a source address is a LAN address, it does the typical checks for 10.0.0.0, 172.16.0.0, 192.168.0.0, 127.0.0.0, and it also checks every assinged IP address with netmask to see if the source address on the UDP packet came from that network. My question is - how possible (in these typical environments) is it to send a UDP packet from far away that claims to have a source address being a LAN address? Will such a packet typically make it to my server, or will a router along the way stop it from arriving? Maybe, is there a simple 10 line C program that I can run and compile to check if this scenario is possible on _my_ server? - Nerius