aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Leblond <eric@inl.fr>2008-11-25 06:15:16 -0500
committerPatrick McHardy <kaber@trash.net>2008-11-25 06:15:16 -0500
commit5f145e44ae09f629d25536b2947a91e9c01bddcb (patch)
tree2f78f50541b5e0203aea320960a7acad7fce0dc0
parent4813eadf6b17caa7fcce67ac2f929a3dd5178fa2 (diff)
netfilter: nfmark routing in OUTPUT, mangle, NFQUEUE
This patch let nfmark to be evaluated for routing decision for OUTPUT packet, in mangle table, when process paquet in NFQUEUE Until now, only change (in NFQUEUE process) on fields src_addr, dest_addr and tos could make netfilter to reevalute the routing. From: Laurent Licour <laurent@licour.com> Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r--net/ipv4/netfilter.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index 6efdb70b3eb2..7c145d76384d 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -125,6 +125,7 @@ struct ip_rt_info {
125 __be32 daddr; 125 __be32 daddr;
126 __be32 saddr; 126 __be32 saddr;
127 u_int8_t tos; 127 u_int8_t tos;
128 u_int32_t mark;
128}; 129};
129 130
130static void nf_ip_saveroute(const struct sk_buff *skb, 131static void nf_ip_saveroute(const struct sk_buff *skb,
@@ -138,6 +139,7 @@ static void nf_ip_saveroute(const struct sk_buff *skb,
138 rt_info->tos = iph->tos; 139 rt_info->tos = iph->tos;
139 rt_info->daddr = iph->daddr; 140 rt_info->daddr = iph->daddr;
140 rt_info->saddr = iph->saddr; 141 rt_info->saddr = iph->saddr;
142 rt_info->mark = skb->mark;
141 } 143 }
142} 144}
143 145
@@ -150,6 +152,7 @@ static int nf_ip_reroute(struct sk_buff *skb,
150 const struct iphdr *iph = ip_hdr(skb); 152 const struct iphdr *iph = ip_hdr(skb);
151 153
152 if (!(iph->tos == rt_info->tos 154 if (!(iph->tos == rt_info->tos
155 && skb->mark == rt_info->mark
153 && iph->daddr == rt_info->daddr 156 && iph->daddr == rt_info->daddr
154 && iph->saddr == rt_info->saddr)) 157 && iph->saddr == rt_info->saddr))
155 return ip_route_me_harder(skb, RTN_UNSPEC); 158 return ip_route_me_harder(skb, RTN_UNSPEC);