diff --git a/components/lwip/apps/dhcpserver.c b/components/lwip/apps/dhcpserver.c index 94acc881e..d3cf99370 100644 --- a/components/lwip/apps/dhcpserver.c +++ b/components/lwip/apps/dhcpserver.c @@ -719,6 +719,8 @@ static u8_t parse_options(u8_t *optptr, s16_t len) *******************************************************************************/ static s16_t parse_msg(struct dhcps_msg *m, u16_t len) { + u32_t lease_timer = (dhcps_lease_time * 60)/DHCPS_COARSE_TIMER_SECS; + if (memcmp((char *)m->options, &magic_cookie, sizeof(magic_cookie)) == 0) { #if DHCPS_DEBUG DHCPS_LOG("dhcps: len = %d\n", len); @@ -745,7 +747,7 @@ static s16_t parse_msg(struct dhcps_msg *m, u16_t len) } client_address.addr = pdhcps_pool->ip.addr; - pdhcps_pool->lease_timer = dhcps_lease_time; + pdhcps_pool->lease_timer = lease_timer; pnode = pback_node; goto POOL_CHECK; } else if (pdhcps_pool->ip.addr == client_address_plus.addr) { @@ -783,7 +785,7 @@ static s16_t parse_msg(struct dhcps_msg *m, u16_t len) pdhcps_pool->ip.addr = client_address.addr; memcpy(pdhcps_pool->mac, m->chaddr, sizeof(pdhcps_pool->mac)); - pdhcps_pool->lease_timer = dhcps_lease_time; + pdhcps_pool->lease_timer = lease_timer; pnode = (list_node *)malloc(sizeof(list_node)); memset(pnode , 0x00 , sizeof(list_node)); diff --git a/components/lwip/include/lwip/apps/dhcpserver.h b/components/lwip/include/lwip/apps/dhcpserver.h index 39781d966..9e361833d 100644 --- a/components/lwip/include/lwip/apps/dhcpserver.h +++ b/components/lwip/include/lwip/apps/dhcpserver.h @@ -166,6 +166,7 @@ enum dhcps_offer_option{ OFFER_END }; +#define DHCPS_COARSE_TIMER_SECS 1 #define DHCPS_MAX_LEASE 0x64 #define DHCPS_LEASE_TIME_DEF (120) diff --git a/components/lwip/include/lwip/netif/etharp.h b/components/lwip/include/lwip/netif/etharp.h index e745dcc3e..3e25c389d 100755 --- a/components/lwip/include/lwip/netif/etharp.h +++ b/components/lwip/include/lwip/netif/etharp.h @@ -134,6 +134,10 @@ err_t etharp_raw(struct netif *netif, const struct eth_addr *ethsrc_addr, void etharp_arp_input(struct netif *netif, struct eth_addr *ethaddr, struct pbuf *p); +#if ETHARP_TRUST_IP_MAC +void etharp_ip_input(struct netif *netif, struct pbuf *p); +#endif + #ifdef __cplusplus } #endif diff --git a/components/lwip/include/lwip/port/lwipopts.h b/components/lwip/include/lwip/port/lwipopts.h index 21a5ac417..b179b17d3 100644 --- a/components/lwip/include/lwip/port/lwipopts.h +++ b/components/lwip/include/lwip/port/lwipopts.h @@ -585,6 +585,18 @@ */ #define TCPIP_DEBUG LWIP_DBG_OFF +/** + * ETHARP_TRUST_IP_MAC==1: Incoming IP packets cause the ARP table to be + * updated with the source MAC and IP addresses supplied in the packet. + * You may want to disable this if you do not trust LAN peers to have the + * correct addresses, or as a limited approach to attempt to handle + * spoofing. If disabled, lwIP will need to make a new ARP request if + * the peer is not already in the ARP table, adding a little latency. + * The peer *is* in the ARP table if it requested our address before. + * Also notice that this slows down input processing of every IP packet! + */ +#define ETHARP_TRUST_IP_MAC 1 + /* Enable all Espressif-only options */ diff --git a/components/lwip/netif/etharp.c b/components/lwip/netif/etharp.c index b51a20222..d9854dbb0 100755 --- a/components/lwip/netif/etharp.c +++ b/components/lwip/netif/etharp.c @@ -670,8 +670,7 @@ etharp_get_entry(u8_t i, ip4_addr_t **ipaddr, struct netif **netif, struct eth_a * * @see pbuf_free() */ -static void -etharp_ip_input(struct netif *netif, struct pbuf *p) +void etharp_ip_input(struct netif *netif, struct pbuf *p) { struct eth_hdr *ethhdr; struct ip_hdr *iphdr;