From patchwork Fri Feb 10 14:07:11 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Thomas Graf <tgraf@suug.ch>
X-Patchwork-Id: 140652
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 8DE37B6EF3
	for <patchwork-incoming@ozlabs.org>;
	Sat, 11 Feb 2012 01:07:57 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755121Ab2BJOHb (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Fri, 10 Feb 2012 09:07:31 -0500
Received: from mx1.redhat.com ([209.132.183.28]:38469 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752986Ab2BJOHa (ORCPT <rfc822;netdev@vger.kernel.org>);
	Fri, 10 Feb 2012 09:07:30 -0500
Received: from int-mx01.intmail.prod.int.phx2.redhat.com
	(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1AE7EEt021026
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Fri, 10 Feb 2012 09:07:14 -0500
Received: from localhost (vpn1-4-176.ams2.redhat.com [10.36.4.176])
	by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with
	ESMTP id q1AE7Cnn016929; Fri, 10 Feb 2012 09:07:13 -0500
From: Thomas Graf <tgraf@suug.ch>
To: netdev@vger.kernel.org
Cc: Jesper Dangaard Brouer <hawk@comx.dk>, Thomas Graf <tgraf@suug.ch>
Subject: [PATCH] net: Don't proxy arp respond if iif == rt->dst.dev if
	private VLAN is disabled
Date: Fri, 10 Feb 2012 15:07:11 +0100
Message-Id: <1328882831-15300-1-git-send-email-tgraf@suug.ch>
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Commit 653241 (net: RFC3069, private VLAN proxy arp support) changed
the behavior of arp proxy to send arp replies back out on the interface
the request came in even if the private VLAN feature is disabled.

Previously we checked rt->dst.dev != skb->dev for in scenarios, when
proxy arp is enabled on for the netdevice and also when individual proxy
neighbour entries have been added.

This patch adds the check back for the pneigh_lookup() scenario.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Acked-by: Jesper Dangaard Brouer <hawk@comx.dk>
---
 net/ipv4/arp.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index 59402be..63e4989 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -863,7 +863,8 @@ static int arp_process(struct sk_buff *skb)
 			if (addr_type == RTN_UNICAST  &&
 			    (arp_fwd_proxy(in_dev, dev, rt) ||
 			     arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
-			     pneigh_lookup(&arp_tbl, net, &tip, dev, 0))) {
+			     (rt->dst.dev != dev &&
+			      pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
 				n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
 				if (n)
 					neigh_release(n);