diff --git a/src/adapter.c b/src/adapter.c
index 2883b79..fd575f9 100644
a
|
b
|
tapReadConfiguration( |
222 | 222 | Adapter->MediaStateAlwaysConnected = FALSE; |
223 | 223 | Adapter->LogicalMediaState = FALSE; |
224 | 224 | Adapter->AllowNonAdmin = FALSE; |
| 225 | // source check can not be set in the registry yet. This has to be set each |
| 226 | // time the adapter is opened. |
| 227 | Adapter->m_source_check = TRUE; |
225 | 228 | // |
226 | 229 | // Open the registry for this adapter to read advanced |
227 | 230 | // configuration parameters stored by the INF file. |
diff --git a/src/adapter.h b/src/adapter.h
index 2f09d12..70a394d 100644
a
|
b
|
|
4 | 4 | * |
5 | 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. |
6 | 6 | * |
| 7 | * Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de> |
7 | 8 | * This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc., |
8 | 9 | * and is released under the GPL version 2 (see below). |
9 | 10 | * |
… |
… |
typedef struct _TAP_ADAPTER_CONTEXT |
251 | 252 | BOOLEAN m_CalledAdapterFreeResources; |
252 | 253 | BOOLEAN m_RegisteredAdapterShutdownHandler; |
253 | 254 | |
| 255 | // This variable is initialised as TRUE. If it is set to FALSE, the adapter does |
| 256 | // not check the source IP field of the ARP requests it receives on the adapter. |
| 257 | BOOLEAN m_source_check; |
| 258 | |
254 | 259 | } TAP_ADAPTER_CONTEXT, *PTAP_ADAPTER_CONTEXT; |
255 | 260 | |
256 | 261 | FORCEINLINE |
diff --git a/src/device.c b/src/device.c
index 2b7ba9b..85897b6 100644
a
|
b
|
|
4 | 4 | * |
5 | 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. |
6 | 6 | * |
| 7 | * Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de> |
7 | 8 | * This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc., |
8 | 9 | * and is released under the GPL version 2 (see below). |
9 | 10 | * |
… |
… |
Return Value: |
692 | 693 | } |
693 | 694 | } |
694 | 695 | break; |
695 | | |
| 696 | case TAP_WIN_IOCTL_CONFIG_SET_SRC_CHECK: |
| 697 | { |
| 698 | if (inBufLength >= sizeof(ULONG)) |
| 699 | { |
| 700 | adapter->m_source_check = (BOOLEAN) ((PULONG) (Irp->AssociatedIrp.SystemBuffer))[0]; |
| 701 | Irp->IoStatus.Information = 1; |
| 702 | } |
| 703 | else |
| 704 | { |
| 705 | NOTE_ERROR(); |
| 706 | Irp->IoStatus.Status = ntStatus = STATUS_INVALID_PARAMETER; |
| 707 | } |
| 708 | } |
| 709 | break; |
696 | 710 | default: |
697 | 711 | |
698 | 712 | // |
diff --git a/src/tap-windows.h b/src/tap-windows.h
index d546a5b..0809c2e 100644
a
|
b
|
|
4 | 4 | * |
5 | 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. |
6 | 6 | * |
| 7 | * Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de> |
7 | 8 | * This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc., |
8 | 9 | * and is released under the GPL version 2 (see below). |
9 | 10 | * |
… |
… |
|
49 | 50 | |
50 | 51 | /* obsoletes TAP_WIN_IOCTL_CONFIG_POINT_TO_POINT */ |
51 | 52 | #define TAP_WIN_IOCTL_CONFIG_TUN TAP_WIN_CONTROL_CODE (10, METHOD_BUFFERED) |
52 | | |
| 53 | #define TAP_WIN_IOCTL_CONFIG_SET_SRC_CHECK TAP_WIN_CONTROL_CODE (11, METHOD_BUFFERED) |
53 | 54 | /* |
54 | 55 | * ================= |
55 | 56 | * Registry keys |
diff --git a/src/txpath.c b/src/txpath.c
index f627934..8af5f21 100644
a
|
b
|
|
4 | 4 | * |
5 | 5 | * This code was inspired by the CIPE-Win32 driver by Damion K. Wilson. |
6 | 6 | * |
| 7 | * Copyright (C) 2016 Noel Kuntze <noel@familie-kuntze.de> |
7 | 8 | * This source code is Copyright (C) 2002-2014 OpenVPN Technologies, Inc., |
8 | 9 | * and is released under the GPL version 2 (see below). |
9 | 10 | * |
… |
… |
ProcessARP( |
216 | 217 | //----------------------------------------------- |
217 | 218 | // Is this the kind of packet we are looking for? |
218 | 219 | //----------------------------------------------- |
| 220 | BOOLEAN source_check = FALSE; |
| 221 | if (Adapter->m_source_check) |
| 222 | { |
| 223 | source_check = (src->m_ARP_IP_Source == adapter_ip); |
| 224 | } |
| 225 | else |
| 226 | { |
| 227 | source_check = TRUE; |
| 228 | } |
219 | 229 | if (src->m_Proto == htons (NDIS_ETH_TYPE_ARP) |
220 | 230 | && MAC_EQUAL (src->m_MAC_Source, Adapter->PermanentAddress) |
221 | 231 | && MAC_EQUAL (src->m_ARP_MAC_Source, Adapter->PermanentAddress) |
… |
… |
ProcessARP( |
225 | 235 | && src->m_MAC_AddressSize == sizeof (MACADDR) |
226 | 236 | && src->m_PROTO_AddressType == htons (NDIS_ETH_TYPE_IPV4) |
227 | 237 | && src->m_PROTO_AddressSize == sizeof (IPADDR) |
228 | | && src->m_ARP_IP_Source == adapter_ip |
| 238 | && source_check |
229 | 239 | && (src->m_ARP_IP_Destination & ip_netmask) == ip_network |
230 | 240 | && src->m_ARP_IP_Destination != adapter_ip) |
231 | 241 | { |