GitHub-Mirror/linux-bl808
2
0
Fork 0
mirror of https://github.com/Fishwaldo/linux-bl808.git synced 2025-06-06 06:35:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

net: Fix RPF to work with policy routing

Browse source 
Policy routing is not looked up by mark on reverse path filtering.
This fixes it.

Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
jamal 2009-10-18 02:12:33 +00:00 committed by David S. Miller
parent 14d18a81b5
commit b0c110ca8e
3 changed files with 10 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
include/net/ip_fib.h
View file

@ -210,7 +210,8 @@ extern struct fib_table *fib_get_table(struct net *net, u32 id);
extern const struct nla_policy rtm_ipv4_policy[]; extern const struct nla_policy rtm_ipv4_policy[];
extern void ip_fib_init(void); extern void ip_fib_init(void);
extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
struct net_device *dev, __be32 *spec_dst, u32 *itag); struct net_device *dev, __be32 *spec_dst,
u32 *itag, u32 mark);
extern void fib_select_default(struct net *net, const struct flowi *flp, extern void fib_select_default(struct net *net, const struct flowi *flp,
struct fib_result *res); struct fib_result *res);

5
net/ipv4/fib_frontend.c
View file

@ -229,14 +229,17 @@ unsigned int inet_dev_addr_type(struct net *net, const struct net_device *dev,
*/ */
int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
struct net_device *dev, __be32 *spec_dst, u32 *itag) struct net_device *dev, __be32 *spec_dst,
u32 *itag, u32 mark)
{ {
struct in_device *in_dev; struct in_device *in_dev;
struct flowi fl = { .nl_u = { .ip4_u = struct flowi fl = { .nl_u = { .ip4_u =
{ .daddr = src, { .daddr = src,
.saddr = dst, .saddr = dst,
.tos = tos } }, .tos = tos } },
.mark = mark,
.iif = oif }; .iif = oif };
struct fib_result res; struct fib_result res;
int no_addr, rpf; int no_addr, rpf;
int ret; int ret;

8
net/ipv4/route.c
View file

@ -1854,7 +1854,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
goto e_inval; goto e_inval;
spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
} else if (fib_validate_source(saddr, 0, tos, 0, } else if (fib_validate_source(saddr, 0, tos, 0,
dev, &spec_dst, &itag) < 0) dev, &spec_dst, &itag, 0) < 0)
goto e_inval; goto e_inval;
rth = dst_alloc(&ipv4_dst_ops); rth = dst_alloc(&ipv4_dst_ops);
@ -1967,7 +1967,7 @@ static int __mkroute_input(struct sk_buff *skb,
err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res), err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
in_dev->dev, &spec_dst, &itag); in_dev->dev, &spec_dst, &itag, skb->mark);
if (err < 0) { if (err < 0) {
ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr, ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
saddr); saddr);
@ -2141,7 +2141,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
int result; int result;
result = fib_validate_source(saddr, daddr, tos, result = fib_validate_source(saddr, daddr, tos,
net->loopback_dev->ifindex, net->loopback_dev->ifindex,
dev, &spec_dst, &itag); dev, &spec_dst, &itag, skb->mark);
if (result < 0) if (result < 0)
goto martian_source; goto martian_source;
if (result) if (result)
@ -2170,7 +2170,7 @@ brd_input:
spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
else { else {
err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst, err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
&itag); &itag, skb->mark);
if (err < 0) if (err < 0)
goto martian_source; goto martian_source;
if (err) if (err)