net/portmapper: ignore IGD SSDP responses from !defaultgw

Now that we multicast the SSDP query, we can get IGD offers from devices other than the current device's default gateway. We don't want to accidentally bind ourselves to those. Updates #3197 Signed-off-by: David Anderson <danderson@tailscale.com>
tailscale · Oct 27, 2021 · 060ba86 · 060ba86
1 parent 675f9cd
commit 060ba86
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/net/portmapper/portmapper.go b/net/portmapper/portmapper.go
@@ -752,10 +752,14 @@ func (c *Client) Probe(ctx context.Context) (res ProbeResult, err error) {
 			}
 			return res, err
 		}
+		ip, ok := netaddr.FromStdIP(addr.(*net.UDPAddr).IP)
+		if !ok {
+			continue
+		}
 		port := uint16(addr.(*net.UDPAddr).Port)
 		switch port {
 		case c.upnpPort():
-			if mem.Contains(mem.B(buf[:n]), mem.S(":InternetGatewayDevice:")) {
+			if ip == gw && mem.Contains(mem.B(buf[:n]), mem.S(":InternetGatewayDevice:")) {
 				meta, err := parseUPnPDiscoResponse(buf[:n])
 				if err != nil {
 					c.logf("unrecognized UPnP discovery response; ignoring")