netdev
[Top] [All Lists]

Re: [PATCH] Change masquerade code to use first IP address of interface.

To: Henrik Nordstrom <hno@xxxxxxxxxxxxxxx>
Subject: Re: [PATCH] Change masquerade code to use first IP address of interface.
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 20 Oct 2004 21:12:45 +1000
Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.61.0410201300580.28452@xxxxxxxxxxxxxxxxxxxxx>
References: <E1CKBtq-0005FC-00@xxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.61.0410201123200.25590@xxxxxxxxxxxxxxxxxxxxx> <20041020104650.GA20868@xxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.61.0410201300580.28452@xxxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040722i
On Wed, Oct 20, 2004 at 01:04:51PM +0200, Henrik Nordstrom wrote:
> On Wed, 20 Oct 2004, Herbert Xu wrote:
> 
> >I mean
> >
> >     rt = (struct rtable *)(*pskb)->dst;
> >     newsrc = inet_select_addr(out, rt->rt_gateway, RT_SCOPE_UNIVERSE);
> 
> IIRC we are not allowed to access this here, but I may be wrong.. If we 

Why? POST_ROUTING is called in three places in ip_output.c and they all
give a valid dst.  In fact ip_refrag in ip_conntrack_standalone.c is also
accessing skb->dst.

> are allowe to access the rtable like this then this is obviously better, 
> and should also solve most policy routing setups (and allow the others to 
> be solved).

Well it isn't really equivalent to full policy routing since we've lost
the preferred source field.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

<Prev in Thread] Current Thread [Next in Thread>