Patrick McHardy wrote: > [IPV4]: Always set fl.proto in ip_route_newports > > ip_route_newports uses the struct flowi from the struct rtable returned > by ip_route_connect for the new route lookup and just replaces the port > numbers if they have changed. If an IPsec policy exists which doesn't match > port 0 the struct flowi won't have the proto field set and no xfrm lookup > is done for the changed ports.
I missed DCCP in my last patch, new one attached.
[IPV4]: Always set fl.proto in ip_route_newports ip_route_newports uses the struct flowi from the struct rtable returned by ip_route_connect for the new route lookup and just replaces the port numbers if they have changed. If an IPsec policy exists which doesn't match port 0 the struct flowi won't have the proto field set and no xfrm lookup is done for the changed ports. Signed-off-by: Patrick McHardy <[EMAIL PROTECTED]> --- commit 6c05f125a47adff9450f835fb35b5c51cc43743b tree 2ae57d6375f0c69b26bcb43eb745f80971441959 parent e5a3397323130b01becc4efbf025a5386775e83d author Patrick McHardy <[EMAIL PROTECTED]> Thu, 26 Jan 2006 15:23:11 +0100 committer Patrick McHardy <[EMAIL PROTECTED]> Thu, 26 Jan 2006 15:23:11 +0100 include/net/route.h | 5 +++-- net/dccp/ipv4.c | 3 ++- net/ipv4/tcp_ipv4.c | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/include/net/route.h b/include/net/route.h index e3e5436..9c04f15 100644 --- a/include/net/route.h +++ b/include/net/route.h @@ -170,8 +170,8 @@ static inline int ip_route_connect(struc return ip_route_output_flow(rp, &fl, sk, 0); } -static inline int ip_route_newports(struct rtable **rp, u16 sport, u16 dport, - struct sock *sk) +static inline int ip_route_newports(struct rtable **rp, u8 protocol, + u16 sport, u16 dport, struct sock *sk) { if (sport != (*rp)->fl.fl_ip_sport || dport != (*rp)->fl.fl_ip_dport) { @@ -180,6 +180,7 @@ static inline int ip_route_newports(stru memcpy(&fl, &(*rp)->fl, sizeof(fl)); fl.fl_ip_sport = sport; fl.fl_ip_dport = dport; + fl.proto = protocol; ip_rt_put(*rp); *rp = NULL; return ip_route_output_flow(rp, &fl, sk, 0); diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c index 00f9832..dc0487b 100644 --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -119,7 +119,8 @@ int dccp_v4_connect(struct sock *sk, str if (err != 0) goto failure; - err = ip_route_newports(&rt, inet->sport, inet->dport, sk); + err = ip_route_newports(&rt, IPPROTO_DCCP, inet->sport, inet->dport, + sk); if (err != 0) goto failure; diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 6ea3539..1ac35a6 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -236,7 +236,7 @@ int tcp_v4_connect(struct sock *sk, stru if (err) goto failure; - err = ip_route_newports(&rt, inet->sport, inet->dport, sk); + err = ip_route_newports(&rt, IPPROTO_TCP, inet->sport, inet->dport, sk); if (err) goto failure;