Looks like there is this test already:
if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <=
IPV6_ADDR_SCOPE_NODELOCAL &&
!(dev->flags & IFF_LOOPBACK)) {
kfree_skb(skb);
return 0;
}
On Tue, May 2, 2017 at 9:59 PM, David Miller <davem@xxxxxxxxxxxxx> wrote:
> From: Donatas Abraitis <donatas.abraitis@xxxxxxxxx>
> Date: Thu, 27 Apr 2017 10:12:02 +0300
>
>> RFC4291 2.7 Routers must not forward any multicast packets
>> beyond of the scope indicated by the scop field in the
>> destination multicast address.
>>
>> Signed-off-by: Donatas Abraitis <donatas.abraitis@xxxxxxxxx>
>
> I think it's a ">=" test which is needed here, not pure equality.
> Scopes are subsets of other scopes and are therefore allowed within
> eachother.
>
> Did you actually see misbehavior due to this issue, or see a real
> bonafide conformance test fail?
>
> If you're just reading the RFC and sticking tests here and there based
> upon what you read, without any testing or real life verification of
> the issue, this is _strongly_ discouraged.
>
> It would even be ok if you merely showed how another open source
> networking stack makes this test.
--
Donatas