Re: [RFC PATCH] 2.6.22.6 netfilter: sk_setup_caps in ip_make_route_harder
lepton wrote:
> Hi,
> For local src packets, it is better to update sk_route_caps in
> ip_route_me_harder.
This seems like a good idea to me. But why only for local src
(address) packets? This function can also be used for locally
generated packet that have been (f.i.) NATed to a foreign
address ...
> Signed-off-by: Lepton Wu <[EMAIL PROTECTED]>
>
> diff -pru -X linux-2.6.22.6/Documentation/dontdiff
> linux-2.6.22.6/net/ipv4/netfilter.c linux-2.6.22.6-lepton/net/ipv4/netfilter.c
> --- linux-2.6.22.6/net/ipv4/netfilter.c 2007-09-19 13:19:13.0
> +0800
> +++ linux-2.6.22.6-lepton/net/ipv4/netfilter.c2007-09-19
> 17:10:36.0 +0800
> @@ -37,6 +37,10 @@ int ip_route_me_harder(struct sk_buff **
> /* Drop old route. */
> dst_release((*pskb)->dst);
> (*pskb)->dst = >u.dst;
> + if((*pskb)->sk){
> + dst_hold((*pskb)->dst);
> + sk_setup_caps((*pskb)->sk, (*pskb)->dst);
> + }
> } else {
> /* non-local src, find valid iif to satisfy
>* rp-filter when calling ip_route_input. */
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[RFC PATCH] 2.6.22.6 netfilter: sk_setup_caps in ip_make_route_harder
Hi,
For local src packets, it is better to update sk_route_caps in
ip_route_me_harder.
Signed-off-by: Lepton Wu <[EMAIL PROTECTED]>
diff -pru -X linux-2.6.22.6/Documentation/dontdiff
linux-2.6.22.6/net/ipv4/netfilter.c linux-2.6.22.6-lepton/net/ipv4/netfilter.c
--- linux-2.6.22.6/net/ipv4/netfilter.c 2007-09-19 13:19:13.0 +0800
+++ linux-2.6.22.6-lepton/net/ipv4/netfilter.c 2007-09-19 17:10:36.0
+0800
@@ -37,6 +37,10 @@ int ip_route_me_harder(struct sk_buff **
/* Drop old route. */
dst_release((*pskb)->dst);
(*pskb)->dst = >u.dst;
+ if((*pskb)->sk){
+ dst_hold((*pskb)->dst);
+ sk_setup_caps((*pskb)->sk, (*pskb)->dst);
+ }
} else {
/* non-local src, find valid iif to satisfy
* rp-filter when calling ip_route_input. */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[RFC PATCH] 2.6.22.6 netfilter: sk_setup_caps in ip_make_route_harder
Hi,
For local src packets, it is better to update sk_route_caps in
ip_route_me_harder.
Signed-off-by: Lepton Wu [EMAIL PROTECTED]
diff -pru -X linux-2.6.22.6/Documentation/dontdiff
linux-2.6.22.6/net/ipv4/netfilter.c linux-2.6.22.6-lepton/net/ipv4/netfilter.c
--- linux-2.6.22.6/net/ipv4/netfilter.c 2007-09-19 13:19:13.0 +0800
+++ linux-2.6.22.6-lepton/net/ipv4/netfilter.c 2007-09-19 17:10:36.0
+0800
@@ -37,6 +37,10 @@ int ip_route_me_harder(struct sk_buff **
/* Drop old route. */
dst_release((*pskb)-dst);
(*pskb)-dst = rt-u.dst;
+ if((*pskb)-sk){
+ dst_hold((*pskb)-dst);
+ sk_setup_caps((*pskb)-sk, (*pskb)-dst);
+ }
} else {
/* non-local src, find valid iif to satisfy
* rp-filter when calling ip_route_input. */
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [RFC PATCH] 2.6.22.6 netfilter: sk_setup_caps in ip_make_route_harder
lepton wrote:
Hi,
For local src packets, it is better to update sk_route_caps in
ip_route_me_harder.
This seems like a good idea to me. But why only for local src
(address) packets? This function can also be used for locally
generated packet that have been (f.i.) NATed to a foreign
address ...
Signed-off-by: Lepton Wu [EMAIL PROTECTED]
diff -pru -X linux-2.6.22.6/Documentation/dontdiff
linux-2.6.22.6/net/ipv4/netfilter.c linux-2.6.22.6-lepton/net/ipv4/netfilter.c
--- linux-2.6.22.6/net/ipv4/netfilter.c 2007-09-19 13:19:13.0
+0800
+++ linux-2.6.22.6-lepton/net/ipv4/netfilter.c2007-09-19
17:10:36.0 +0800
@@ -37,6 +37,10 @@ int ip_route_me_harder(struct sk_buff **
/* Drop old route. */
dst_release((*pskb)-dst);
(*pskb)-dst = rt-u.dst;
+ if((*pskb)-sk){
+ dst_hold((*pskb)-dst);
+ sk_setup_caps((*pskb)-sk, (*pskb)-dst);
+ }
} else {
/* non-local src, find valid iif to satisfy
* rp-filter when calling ip_route_input. */
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
