Re: [XFRM]: Always reroute in tunnel mode

To:	Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: [XFRM]: Always reroute in tunnel mode
From:	Patrick McHardy <kaber@xxxxxxxxx>
Date:	Thu, 17 Feb 2005 19:25:41 +0100
Cc:	"David S. Miller" <davem@xxxxxxxxxxxxx>, Maillist netdev <netdev@xxxxxxxxxxx>
In-reply-to:	<4214DF5B.3010608@xxxxxxxxx>
References:	<4214381F.5020507@xxxxxxxxx> <20050217113654.GA10346@xxxxxxxxxxxxxxxxxxx> <4214DF5B.3010608@xxxxxxxxx>
Sender:	netdev-bounce@xxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.5) Gecko/20050106 Debian/1.7.5-1

Patrick McHardy wrote:

===== include/net/xfrm.h 1.76 vs edited =====
--- 1.76/include/net/xfrm.h     2005-02-15 22:46:16 +01:00
+++ edited/include/net/xfrm.h   2005-02-17 18:57:39 +01:00
@@ -857,7 +857,7 @@
extern void xfrm_policy_flush(void);
extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy 
*pol);
extern int xfrm_flush_bundles(void);
-extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family);
+extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family, 
int *is_tunnel);

extern wait_queue_head_t km_waitq;
extern int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, u16 
sport);
===== net/ipv4/xfrm4_policy.c 1.15 vs edited =====
--- 1.15/net/ipv4/xfrm4_policy.c        2005-02-17 07:09:55 +01:00
+++ edited/net/ipv4/xfrm4_policy.c      2005-02-17 19:04:45 +01:00
@@ -26,6 +26,7 @@
__xfrm4_find_bundle(struct flowi *fl, struct xfrm_policy *policy)
{
        struct dst_entry *dst;
+       int is_tunnel = 0;

        read_lock_bh(&policy->lock);
        for (dst = policy->bundles; dst; dst = dst->next) {
@@ -33,7 +34,13 @@
                if (xdst->u.rt.fl.oif == fl->oif &&       /*XXX*/
                    xdst->u.rt.fl.fl4_dst == fl->fl4_dst &&
                    xdst->u.rt.fl.fl4_src == fl->fl4_src &&
-                   xfrm_bundle_ok(xdst, fl, AF_INET)) {
+                   xfrm_bundle_ok(xdst, fl, AF_INET, &is_tunnel) &&
+                   (!is_tunnel || (!(xdst->u.rt.fl.fl4_tos ^ fl->fl4_tos) &

The '!' is wrong of course.

+                                               (IPTOS_RT_MASK|RTO_ONLINK) &&
+#ifdef CONFIG_IP_ROUTE_FWMARK
+                                     xdst->u.rt.fl.fl4_fwmark == fl->fl4_fwmark
+#endif
+                                   ))) {
                        dst_clone(dst);
                        break;

<Prev in Thread]	Current Thread	[Next in Thread>
[XFRM]: Always reroute in tunnel mode, Patrick McHardy Re: [XFRM]: Always reroute in tunnel mode, Herbert Xu Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy <= Re: [XFRM]: Always reroute in tunnel mode, Herbert Xu Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy Re: [XFRM]: Always reroute in tunnel mode, Herbert Xu Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy Re: [XFRM]: Always reroute in tunnel mode, David S. Miller Re: [XFRM]: Always reroute in tunnel mode, Herbert Xu Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy

Previous by Date:	Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy
Next by Date:	RE: e1000: driver reboot/kexec bug., Venkatesan, Ganesh
Previous by Thread:	Re: [XFRM]: Always reroute in tunnel mode, Patrick McHardy
Next by Thread:	Re: [XFRM]: Always reroute in tunnel mode, Herbert Xu
Indexes:	[Date] [Thread] [Top] [All Lists]