diff options
author | Patrick McHardy <kaber@trash.net> | 2009-12-02 20:25:58 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2009-12-03 15:14:38 -0500 |
commit | 8153a10c08f1312af563bb92532002e46d3f504a (patch) | |
tree | 95b6d05500f6b5e4f2031d8c83ce4fe5f24df61d /net/ipv4 | |
parent | 5adef1809147a9c39119ffd5a13a1ca4fe23a411 (diff) |
ipv4 05/05: add sysctl to accept packets with local source addresses
commit 8ec1e0ebe26087bfc5c0394ada5feb5758014fc8
Author: Patrick McHardy <kaber@trash.net>
Date: Thu Dec 3 12:16:35 2009 +0100
ipv4: add sysctl to accept packets with local source addresses
Change fib_validate_source() to accept packets with a local source address when
the "accept_local" sysctl is set for the incoming inet device. Combined with the
previous patches, this allows to communicate between multiple local interfaces
over the wire.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/devinet.c | 1 | ||||
-rw-r--r-- | net/ipv4/fib_frontend.c | 11 |
2 files changed, 8 insertions, 4 deletions
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index c100709d6dd..e3126612fcb 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c | |||
@@ -1468,6 +1468,7 @@ static struct devinet_sysctl_table { | |||
1468 | DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"), | 1468 | DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"), |
1469 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE, | 1469 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE, |
1470 | "accept_source_route"), | 1470 | "accept_source_route"), |
1471 | DEVINET_SYSCTL_RW_ENTRY(ACCEPT_LOCAL, "accept_local"), | ||
1471 | DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"), | 1472 | DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"), |
1472 | DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"), | 1473 | DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"), |
1473 | DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"), | 1474 | DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"), |
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 3b373a8b047..3323168ee52 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c | |||
@@ -241,16 +241,17 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, | |||
241 | .iif = oif }; | 241 | .iif = oif }; |
242 | 242 | ||
243 | struct fib_result res; | 243 | struct fib_result res; |
244 | int no_addr, rpf; | 244 | int no_addr, rpf, accept_local; |
245 | int ret; | 245 | int ret; |
246 | struct net *net; | 246 | struct net *net; |
247 | 247 | ||
248 | no_addr = rpf = 0; | 248 | no_addr = rpf = accept_local = 0; |
249 | rcu_read_lock(); | 249 | rcu_read_lock(); |
250 | in_dev = __in_dev_get_rcu(dev); | 250 | in_dev = __in_dev_get_rcu(dev); |
251 | if (in_dev) { | 251 | if (in_dev) { |
252 | no_addr = in_dev->ifa_list == NULL; | 252 | no_addr = in_dev->ifa_list == NULL; |
253 | rpf = IN_DEV_RPFILTER(in_dev); | 253 | rpf = IN_DEV_RPFILTER(in_dev); |
254 | accept_local = IN_DEV_ACCEPT_LOCAL(in_dev); | ||
254 | } | 255 | } |
255 | rcu_read_unlock(); | 256 | rcu_read_unlock(); |
256 | 257 | ||
@@ -260,8 +261,10 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif, | |||
260 | net = dev_net(dev); | 261 | net = dev_net(dev); |
261 | if (fib_lookup(net, &fl, &res)) | 262 | if (fib_lookup(net, &fl, &res)) |
262 | goto last_resort; | 263 | goto last_resort; |
263 | if (res.type != RTN_UNICAST) | 264 | if (res.type != RTN_UNICAST) { |
264 | goto e_inval_res; | 265 | if (res.type != RTN_LOCAL || !accept_local) |
266 | goto e_inval_res; | ||
267 | } | ||
265 | *spec_dst = FIB_RES_PREFSRC(res); | 268 | *spec_dst = FIB_RES_PREFSRC(res); |
266 | fib_combine_itag(itag, &res); | 269 | fib_combine_itag(itag, &res); |
267 | #ifdef CONFIG_IP_ROUTE_MULTIPATH | 270 | #ifdef CONFIG_IP_ROUTE_MULTIPATH |