diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2005-10-03 17:18:10 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-10-03 17:18:10 -0400 |
commit | 444fc8fc3a1f926fa224655b8950bd853368c1a3 (patch) | |
tree | f6359721fc50ac3802b30d705e2c7c06b983c5f8 /net | |
parent | 496a22b08fa326bf17c11eb900e0505aa9da3506 (diff) |
[IPV4]: Fix "Proxy ARP seems broken"
Meelis Roos <mroos@linux.ee> wrote:
> RK> My firewall setup relies on proxyarp working. However, with 2.6.14-rc3,
> RK> it appears to be completely broken. The firewall is 212.18.232.186,
>
> Same here with some kernel between 14-rc2 and 14-rc3 - no reposnse to
> ARP on a proxyarp gateway. Sorry, no exact revison and no more debugging
> yet since it'a a production gateway.
The breakage is caused by the change to use the CB area for flagging
whether a packet has been queued due to proxy_delay. This area gets
cleared every time arp_rcv gets called. Unfortunately packets delayed
due to proxy_delay also go through arp_rcv when they are reprocessed.
In fact, I can't think of a reason why delayed proxy packets should go
through netfilter again at all. So the easiest solution is to bypass
that and go straight to arp_process.
This is essentially what would've happened before netfilter support
was added to ARP.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/arp.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c index 8bf312bdea13..ec0e36893b01 100644 --- a/net/ipv4/arp.c +++ b/net/ipv4/arp.c | |||
@@ -697,12 +697,6 @@ void arp_send(int type, int ptype, u32 dest_ip, | |||
697 | arp_xmit(skb); | 697 | arp_xmit(skb); |
698 | } | 698 | } |
699 | 699 | ||
700 | static void parp_redo(struct sk_buff *skb) | ||
701 | { | ||
702 | nf_reset(skb); | ||
703 | arp_rcv(skb, skb->dev, NULL, skb->dev); | ||
704 | } | ||
705 | |||
706 | /* | 700 | /* |
707 | * Process an arp request. | 701 | * Process an arp request. |
708 | */ | 702 | */ |
@@ -922,6 +916,11 @@ out: | |||
922 | return 0; | 916 | return 0; |
923 | } | 917 | } |
924 | 918 | ||
919 | static void parp_redo(struct sk_buff *skb) | ||
920 | { | ||
921 | arp_process(skb); | ||
922 | } | ||
923 | |||
925 | 924 | ||
926 | /* | 925 | /* |
927 | * Receive an arp request from the device layer. | 926 | * Receive an arp request from the device layer. |