From 7fd1778d7c325484384d4dd447a4e813a999832a Mon Sep 17 00:00:00 2001
From: emanuele-f <black.silver@hotmail.it>
Date: Wed, 31 Oct 2018 13:08:39 +0100
Subject: [PATCH] Fix packets from clients being routed when routing is
 disabled

---
 edge_utils.c | 32 +++++++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/edge_utils.c b/edge_utils.c
index 32138b6..da39e0d 100644
--- a/edge_utils.c
+++ b/edge_utils.c
@@ -51,6 +51,10 @@
 #define N2N_TRANSOP_AESCBC_IDX  2
 /* etc. */
 
+#define ETH_FRAMESIZE 14
+#define IP4_SRCOFFSET 12
+#define IP4_DSTOFFSET 16
+
 /* ************************************** */
 
 /** Initialise an edge to defaults.
@@ -719,6 +723,8 @@ static int handle_PACKET(n2n_edge_t * eee,
   uint8_t *           eth_payload=NULL;
   int                 retval = -1;
   time_t              now;
+  ether_hdr_t *       eh;
+  ipstr_t             ip_buf;
 
   now = time(NULL);
 
@@ -753,11 +759,29 @@ static int handle_PACKET(n2n_edge_t * eee,
     if(rx_transop_idx >=0)
       {
 	eth_payload = decodebuf;
+	eh = (ether_hdr_t*)eth_payload;
 	eth_size = eee->transop[rx_transop_idx].rev(&(eee->transop[rx_transop_idx]),
 						    eth_payload, N2N_PKT_BUF_SIZE,
 						    payload, psize);
 	++(eee->transop[rx_transop_idx].rx_cnt); /* stats */
 
+	if(!(eee->allow_routing)) {
+	  if(ntohs(eh->type) == 0x0800) {
+	    uint32_t *dst = (uint32_t*)&eth_payload[ETH_FRAMESIZE + IP4_DSTOFFSET];
+
+	    /* Note: all elements of the_ip are in network order */
+	    if(*dst != eee->device.ip_addr) {
+	      /* This is a packet that needs to be routed */
+	      traceEvent(TRACE_INFO, "Discarding routed packet [%s]",
+			 intoa(ntohl(*dst), ip_buf, sizeof(ip_buf)));
+	      return(-1);
+	    } else {
+	      /* This packet is directed to us */
+	      /* traceEvent(TRACE_INFO, "Sending non-routed packet"); */
+	    }
+	  }
+	}
+
 	/* Write ethernet packet to tap device. */
 	traceEvent(TRACE_INFO, "sending to TAP %u", (unsigned int)eth_size);
 	data_sent_len = tuntap_write(&(eee->device), eth_payload, eth_size);
@@ -1096,15 +1120,13 @@ void send_packet2net(n2n_edge_t * eee,
   if(!(eee->allow_routing)) {
     if(ntohs(eh.type) == 0x0800) {
       /* This is an IP packet from the local source address - not forwarded. */
-#define ETH_FRAMESIZE 14
-#define IP4_SRCOFFSET 12
-      uint32_t *dst = (uint32_t*)&tap_pkt[ETH_FRAMESIZE + IP4_SRCOFFSET];
+      uint32_t *src = (uint32_t*)&tap_pkt[ETH_FRAMESIZE + IP4_SRCOFFSET];
 
       /* Note: all elements of the_ip are in network order */
-      if(*dst != eee->device.ip_addr) {
+      if(*src != eee->device.ip_addr) {
 	/* This is a packet that needs to be routed */
 	traceEvent(TRACE_INFO, "Discarding routed packet [%s]",
-		   intoa(ntohl(*dst), ip_buf, sizeof(ip_buf)));
+		   intoa(ntohl(*src), ip_buf, sizeof(ip_buf)));
 	return;
       } else {
 	/* This packet is originated by us */