From 5bafc99741d9874cde65264ddf084afc09315869 Mon Sep 17 00:00:00 2001
From: Zack Scholl <zack.scholl@gmail.com>
Date: Thu, 21 Nov 2019 14:58:48 -0800
Subject: [PATCH] check if the purported IP is really local #168

---
 src/croc/croc.go | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/croc/croc.go b/src/croc/croc.go
index bb08058..e11c08e 100644
--- a/src/croc/croc.go
+++ b/src/croc/croc.go
@@ -9,6 +9,7 @@ import (
 	"io"
 	"io/ioutil"
 	"math"
+	"net"
 	"os"
 	"path"
 	"path/filepath"
@@ -472,6 +473,22 @@ func (c *Client) Receive() (err error) {
 			port := ips[0]
 			ips = ips[1:]
 			for _, ip := range ips {
+				ipv4Addr, ipv4Net, errNet := net.ParseCIDR(fmt.Sprintf("%s/24", ip))
+				log.Debugf("ipv4Add4: %+v, ipv4Net: %+v, err: %+v", ipv4Addr, ipv4Net, errNet)
+				localIps, _ := utils.GetLocalIPs()
+				haveLocalIP := false
+				for _, localIP := range localIps {
+					localIPparsed := net.ParseIP(localIP)
+					if ipv4Net.Contains(localIPparsed) {
+						haveLocalIP = true
+						break
+					}
+				}
+				if !haveLocalIP {
+					log.Debugf("%s is not a local IP, skipping", ip)
+					continue
+				}
+
 				serverTry := fmt.Sprintf("%s:%s", ip, port)
 				conn, banner2, externalIP, errConn := tcp.ConnectToTCPServer(serverTry, c.Options.RelayPassword, c.Options.SharedSecret, 50*time.Millisecond)
 				if errConn != nil {