From: Dmitry Popov <[email protected]> Date: Wed, 9 Jul 2014 04:47:59 +0400
> How I see ip_tunnel_lookup logic: > 1) try to find exact match (and if found return this tunnel): > tunnel.saddr == iph.daddr && tunnel.daddr == iph.saddr && key_matched() > 2) try to find matched (local) wildcard tunnel: > tunnel.saddr == any && tunnel.daddr == iph.saddr && key_matched() > 3) try to find matched (remote) wildcard tunnel: > tunnel.saddr == iph.daddr && tunnel.daddr == any && key_matched() > (there is also a test for multicast tunnel, but let's skip it for simplicity) > 4) try to find matched (full) wildcard tunnel: > tunnel.saddr == any && tunnel.daddr == any && key_matched() > 5) if nothing found return default tunnel. > > According to this logic, in 4th loop (the one you quoted) we have to test that > tunnel.daddr == any && tunnel.saddr == any. In my opinion those two new lines > are the best way to achieve it. Now it makes sense, thanks for explaining. Applied and queued up for -stable, thanks again. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
