From c29606f08260a5095d136581ed5ed29a2864fa2f Mon Sep 17 00:00:00 2001 From: KOVACS Krisztian Date: Wed, 1 Oct 2008 07:44:42 -0700 Subject: [PATCH] --- yaml --- r: 111999 b: refs/heads/master c: 86b08d867d7de001ab224180ed7865fab93fd56e h: refs/heads/master i: 111997: 62c4194b6ee2b3d33b893f6cf77e2846936045d4 111995: 54fab921dc945127929068b69f48cf047594b75c 111991: 0b022cdd397c223ee6292168be3ad9aecdadf021 111983: 7d7dee916c528b827fdef8b9564bab70536dae32 111967: fefb9834aeac6b467825dd31b8d5910cff102978 111935: 625964bd52313615c3f834c12e7a7f08345349d8 111871: 89e02410fe07a42c47c864cad87c3dfb251fe06d v: v3 --- [refs] | 2 +- trunk/include/net/ip.h | 6 ++++++ trunk/net/ipv4/inet_connection_sock.c | 1 + trunk/net/ipv4/ip_output.c | 4 +++- trunk/net/ipv4/netfilter.c | 3 +++ trunk/net/ipv4/syncookies.c | 2 ++ 6 files changed, 16 insertions(+), 2 deletions(-) diff --git a/[refs] b/[refs] index 2f9fb9a73b78..cbb35038778b 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 88ef4a5a78e63420dd1dd770f1bd1dc198926b04 +refs/heads/master: 86b08d867d7de001ab224180ed7865fab93fd56e diff --git a/trunk/include/net/ip.h b/trunk/include/net/ip.h index 90b27f634b76..d678ea3d474a 100644 --- a/trunk/include/net/ip.h +++ b/trunk/include/net/ip.h @@ -29,6 +29,7 @@ #include #include +#include struct sock; @@ -149,6 +150,11 @@ struct ip_reply_arg { #define IP_REPLY_ARG_NOSRCCHECK 1 +static inline __u8 ip_reply_arg_flowi_flags(const struct ip_reply_arg *arg) +{ + return (arg->flags & IP_REPLY_ARG_NOSRCCHECK) ? FLOWI_FLAG_ANYSRC : 0; +} + void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg, unsigned int len); diff --git a/trunk/net/ipv4/inet_connection_sock.c b/trunk/net/ipv4/inet_connection_sock.c index 0c1ae68ee84b..432c570c9f5f 100644 --- a/trunk/net/ipv4/inet_connection_sock.c +++ b/trunk/net/ipv4/inet_connection_sock.c @@ -335,6 +335,7 @@ struct dst_entry* inet_csk_route_req(struct sock *sk, .saddr = ireq->loc_addr, .tos = RT_CONN_FLAGS(sk) } }, .proto = sk->sk_protocol, + .flags = inet_sk_flowi_flags(sk), .uli_u = { .ports = { .sport = inet_sk(sk)->sport, .dport = ireq->rmt_port } } }; diff --git a/trunk/net/ipv4/ip_output.c b/trunk/net/ipv4/ip_output.c index d533a89e08de..d2a8f8bb78a6 100644 --- a/trunk/net/ipv4/ip_output.c +++ b/trunk/net/ipv4/ip_output.c @@ -340,6 +340,7 @@ int ip_queue_xmit(struct sk_buff *skb, int ipfragok) .saddr = inet->saddr, .tos = RT_CONN_FLAGS(sk) } }, .proto = sk->sk_protocol, + .flags = inet_sk_flowi_flags(sk), .uli_u = { .ports = { .sport = inet->sport, .dport = inet->dport } } }; @@ -1371,7 +1372,8 @@ void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *ar .uli_u = { .ports = { .sport = tcp_hdr(skb)->dest, .dport = tcp_hdr(skb)->source } }, - .proto = sk->sk_protocol }; + .proto = sk->sk_protocol, + .flags = ip_reply_arg_flowi_flags(arg) }; security_skb_classify_flow(skb, &fl); if (ip_route_output_key(sock_net(sk), &rt, &fl)) return; diff --git a/trunk/net/ipv4/netfilter.c b/trunk/net/ipv4/netfilter.c index f8edacdf991d..01671ad51ed3 100644 --- a/trunk/net/ipv4/netfilter.c +++ b/trunk/net/ipv4/netfilter.c @@ -20,6 +20,8 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type) unsigned int type; type = inet_addr_type(&init_net, iph->saddr); + if (skb->sk && inet_sk(skb->sk)->transparent) + type = RTN_LOCAL; if (addr_type == RTN_UNSPEC) addr_type = type; @@ -33,6 +35,7 @@ int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type) fl.nl_u.ip4_u.tos = RT_TOS(iph->tos); fl.oif = skb->sk ? skb->sk->sk_bound_dev_if : 0; fl.mark = skb->mark; + fl.flags = skb->sk ? inet_sk_flowi_flags(skb->sk) : 0; if (ip_route_output_key(&init_net, &rt, &fl) != 0) return -1; diff --git a/trunk/net/ipv4/syncookies.c b/trunk/net/ipv4/syncookies.c index 9d38005abbac..929302b2ba94 100644 --- a/trunk/net/ipv4/syncookies.c +++ b/trunk/net/ipv4/syncookies.c @@ -16,6 +16,7 @@ #include #include #include +#include /* Timestamps: lowest 9 bits store TCP options */ #define TSBITS 9 @@ -337,6 +338,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, .saddr = ireq->loc_addr, .tos = RT_CONN_FLAGS(sk) } }, .proto = IPPROTO_TCP, + .flags = inet_sk_flowi_flags(sk), .uli_u = { .ports = { .sport = th->dest, .dport = th->source } } };