diff options
| author | Patrick McHardy <kaber@trash.net> | 2009-12-02 20:25:57 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2009-12-03 15:14:37 -0500 |
| commit | 5adef1809147a9c39119ffd5a13a1ca4fe23a411 (patch) | |
| tree | 82c3e969fbe2cb5b227db38dcb7ad18f30b5ae96 | |
| parent | 1b038a5e60c7812f19818e8a5df96d029e49c38f (diff) | |
net 04/05: fib_rules: allow to delete local rule
commit d124356ce314fff22a047ea334379d5105b2d834
Author: Patrick McHardy <kaber@trash.net>
Date: Thu Dec 3 12:16:35 2009 +0100
net: fib_rules: allow to delete local rule
Allow to delete the local rule and recreate it with a higher priority. This
can be used to force packets with a local destination out on the wire instead
of routing them to loopback. Additionally this patch allows to recreate rules
with a priority of 0.
Combined with the previous patch to allow oif classification, a socket can
be bound to the desired interface and packets routed to the wire like this:
# move local rule to lower priority
ip rule add pref 1000 lookup local
ip rule del pref 0
# route packets of sockets bound to eth0 to the wire independant
# of the destination address
ip rule add pref 100 oif eth0 lookup 100
ip route add default dev eth0 table 100
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/core/fib_rules.c | 2 | ||||
| -rw-r--r-- | net/ipv4/fib_rules.c | 2 | ||||
| -rw-r--r-- | net/ipv6/fib6_rules.c | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index d1a70ad4b544..ef0e7d9e664b 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c | |||
| @@ -287,7 +287,7 @@ static int fib_nl_newrule(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) | |||
| 287 | rule->flags = frh->flags; | 287 | rule->flags = frh->flags; |
| 288 | rule->table = frh_get_table(frh, tb); | 288 | rule->table = frh_get_table(frh, tb); |
| 289 | 289 | ||
| 290 | if (!rule->pref && ops->default_pref) | 290 | if (!tb[FRA_PRIORITY] && ops->default_pref) |
| 291 | rule->pref = ops->default_pref(ops); | 291 | rule->pref = ops->default_pref(ops); |
| 292 | 292 | ||
| 293 | err = -EINVAL; | 293 | err = -EINVAL; |
diff --git a/net/ipv4/fib_rules.c b/net/ipv4/fib_rules.c index 835262c2b867..1239ed23cab6 100644 --- a/net/ipv4/fib_rules.c +++ b/net/ipv4/fib_rules.c | |||
| @@ -284,7 +284,7 @@ static int fib_default_rules_init(struct fib_rules_ops *ops) | |||
| 284 | { | 284 | { |
| 285 | int err; | 285 | int err; |
| 286 | 286 | ||
| 287 | err = fib_default_rule_add(ops, 0, RT_TABLE_LOCAL, FIB_RULE_PERMANENT); | 287 | err = fib_default_rule_add(ops, 0, RT_TABLE_LOCAL, 0); |
| 288 | if (err < 0) | 288 | if (err < 0) |
| 289 | return err; | 289 | return err; |
| 290 | err = fib_default_rule_add(ops, 0x7FFE, RT_TABLE_MAIN, 0); | 290 | err = fib_default_rule_add(ops, 0x7FFE, RT_TABLE_MAIN, 0); |
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c index 00a7a5e4ac97..3b38f49f2c28 100644 --- a/net/ipv6/fib6_rules.c +++ b/net/ipv6/fib6_rules.c | |||
| @@ -276,7 +276,7 @@ static int fib6_rules_net_init(struct net *net) | |||
| 276 | INIT_LIST_HEAD(&net->ipv6.fib6_rules_ops->rules_list); | 276 | INIT_LIST_HEAD(&net->ipv6.fib6_rules_ops->rules_list); |
| 277 | 277 | ||
| 278 | err = fib_default_rule_add(net->ipv6.fib6_rules_ops, 0, | 278 | err = fib_default_rule_add(net->ipv6.fib6_rules_ops, 0, |
| 279 | RT6_TABLE_LOCAL, FIB_RULE_PERMANENT); | 279 | RT6_TABLE_LOCAL, 0); |
| 280 | if (err) | 280 | if (err) |
| 281 | goto out_fib6_rules_ops; | 281 | goto out_fib6_rules_ops; |
| 282 | 282 | ||