From patchwork Sun Oct 20 12:43:03 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julian Anastasov X-Patchwork-Id: 284964 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 422462C0097 for ; Sun, 20 Oct 2013 23:44:27 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751233Ab3JTMoY (ORCPT ); Sun, 20 Oct 2013 08:44:24 -0400 Received: from ja.ssi.bg ([178.16.129.10]:52227 "EHLO ja.home.ssi.bg" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1751061Ab3JTMoX (ORCPT ); Sun, 20 Oct 2013 08:44:23 -0400 Received: from ja.home.ssi.bg (localhost.localdomain [127.0.0.1]) by ja.home.ssi.bg (8.14.7/8.14.7) with ESMTP id r9KChlJR001560; Sun, 20 Oct 2013 15:43:47 +0300 Received: (from root@localhost) by ja.home.ssi.bg (8.14.7/8.14.7/Submit) id r9KChl5Y001559; Sun, 20 Oct 2013 15:43:47 +0300 From: Julian Anastasov To: David Miller Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, lvs-devel@vger.kernel.org, Hideaki YOSHIFUJI Subject: [PATCH net 1/3] ipv6: always prefer rt6i_gateway if present Date: Sun, 20 Oct 2013 15:43:03 +0300 Message-Id: <1382272985-1528-2-git-send-email-ja@ssi.bg> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1382272985-1528-1-git-send-email-ja@ssi.bg> References: <1382272985-1528-1-git-send-email-ja@ssi.bg> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org In v3.9 6fd6ce2056de2709 ("ipv6: Do not depend on rt->n in ip6_finish_output2()." changed the behaviour of ip6_finish_output2() such that the recently introduced rt6_nexthop() is used instead of an assigned neighbor. As rt6_nexthop() prefers rt6i_gateway only for gatewayed routes this causes a problem for users like IPVS, xt_TEE and RAW(hdrincl) if they want to use different address for routing compared to the destination address. Another case is when redirect can create RTF_DYNAMIC route without RTF_GATEWAY flag, we ignore the rt6i_gateway in rt6_nexthop(). Fix the above problems by considering the rt6i_gateway if present, so that traffic routed to address on local subnet is not wrongly diverted to the destination address. Thanks to Simon Horman and Phil Oester for spotting the problematic commit. Thanks to Hannes Frederic Sowa for his review and help in testing. Reported-by: Phil Oester Reported-by: Mark Brooks Signed-off-by: Julian Anastasov Acked-by: Hannes Frederic Sowa --- include/net/ip6_route.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h index f525e70..481404a 100644 --- a/include/net/ip6_route.h +++ b/include/net/ip6_route.h @@ -196,7 +196,7 @@ static inline int ip6_skb_dst_mtu(struct sk_buff *skb) static inline struct in6_addr *rt6_nexthop(struct rt6_info *rt, struct in6_addr *dest) { - if (rt->rt6i_flags & RTF_GATEWAY) + if (rt->rt6i_flags & RTF_GATEWAY || !ipv6_addr_any(&rt->rt6i_gateway)) return &rt->rt6i_gateway; return dest; }