Wild. It works on SunOS 4.1.3_U1, even though it is explicitly not supposed to. (Incidently, its easier to test this with ping -s broadcastaddr; no need to compile any new code.) This is certainly a bug, and a bad one. You aren't supposed to have to hack every program that uses UDP not to reply on the broadcast address; the need for the sockopt if you want to do a broadcast is supposed to protect you. This is Very Bad News. It means that it is possible to disable remote networks by sending out chernobylgrams to them provided the router shares the defect -- and many firewall routers these days run by people who believe in packet filtering are BSD based and might have this flaw. Could people tell us which operating systems have this defect and which do not? This is an important one to catch before the evil folks get out their packet forgers. Perry Tim Newsham says: > > > > > > To my knowledge, the broadcast trick will not work -- the "broadcast" > > will not go out on the ethernet or other broadcast address because the > > broadcast socket option will not have been selected and the packet > > will not be broadcast in reply. The echo loop between two hosts might, > > of course... > > > > Perry > > Run the following program. Try "[name] 255.255.255.255" and > "[name] X.X.X.255" (assuming 8 bit subnetting). Notice both > will work properly although I did not do a setsockopt with > SO_BROADCAST. > > Tim N. > > > /* echo.c - [name] [ip address] */ > #include <sys/types.h> > #include <sys/signal.h> > #include <sys/socket.h> > #include <netinet/in.h> > > int hosts = 0; > > im_done() > { > printf("Done. %d hosts responded\n", hosts); > exit(0); > } > > error(str) > char *str; > { > perror(str); > exit(1); > } > > main(argc, argv) > char **argv; > { > int s, adlen, val; > char *message = "Echo Test", *remote; > char buf[128]; > struct sockaddr_in ad; > > if(argc > 1) > remote = argv[1]; > else > remote = "127.0.0.1"; > > signal(SIGINT, im_done); > s = socket(AF_INET, SOCK_DGRAM, 0); > if(s < 0) > error("socket"); > > ad.sin_family = AF_INET; > ad.sin_addr.s_addr = inet_addr(remote); > ad.sin_port = htons(7); > > if(sendto(s, message, strlen(message), 0, &ad, sizeof(ad)) < 0) > error("sendto"); > > printf("Echo Test. SIGINT to quit.\n"); > adlen = sizeof(ad); > while(recvfrom(s, buf, 128, 0, &ad, &adlen) > 0) { > printf("Reply from %s: %s\n", inet_ntoa(ad.sin_addr), buf); > hosts++; > } > } >