git.baikalelectronics.ru Git - kernel.git/commit

author	Julian Anastasov <ja@ssi.bg>
	Mon, 8 Oct 2012 11:41:15 +0000 (11:41 +0000)
committer	David S. Miller <davem@davemloft.net>
	Mon, 8 Oct 2012 21:42:35 +0000 (17:42 -0400)
commit	310c2bf37e9c46bd1c93c5d47b2cc46e7eca90ff
tree	3d5bb2401d12017decf57263936784aa809e524a	tree \| snapshot
parent	65f8798e126b593d645fdb06cc78bb0ffb4a6325	commit \| diff

ipv4: fix sending of redirects

After "Cache input routes in fib_info nexthops" (commit
49de5505b3) and "Elide fib_validate_source() completely when possible"
(commit f2e5ee8996) we can not send ICMP redirects. It seems we
should not cache the RTCF_DOREDIRECT flag in nh_rth_input because
the same fib_info can be used for traffic that is not redirected,
eg. from other input devices or from sources that are not in same subnet.

As result, we have to disable the caching of RTCF_DOREDIRECT
flag and to force source validation for the case when forwarding
traffic to the input device. If traffic comes from directly connected
source we allow redirection as it was done before both changes.

Avoid setting RTCF_DOREDIRECT if IN_DEV_TX_REDIRECTS
is disabled, this can avoid source address validation and to
help caching the routes.

After the change "Adjust semantics of rt->rt_gateway"
(commit 32394c8c6e) we should make sure our ICMP_REDIR_HOST messages
contain daddr instead of 0.0.0.0 when target is directly connected.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/fib_frontend.c		diff \| blob \| history
net/ipv4/route.c		diff \| blob \| history