* Ville Nuorvala <[EMAIL PROTECTED]> 2006-10-17 03:27
> @@ -123,7 +111,7 @@ static int fib6_rule_match(struct fib_ru
> return 0;
>
> if (r->src.plen) {
> - if (!(flags & RT6_LOOKUP_F_HAS_SADDR) ||
> + if (flags & RT6_LOOKUP_F_HAS_SADDR &&
> !ipv6_prefix_equal(&fl->fl6_src, &r->src.addr, r->src.plen))
> return 0;
> }
This is wrong, rules matching on a source prefix must fail if no
source address is available.
> static struct rt6_info *ip6_pol_route_output(struct fib6_table *table,
> - struct flowi *fl, int flags)
> + struct flowi *fl, int flags,
> + struct fib6_rule *rule)
> {
> struct fib6_node *fn;
> struct rt6_info *rt, *nrt;
> @@ -730,6 +733,16 @@ static struct rt6_info *ip6_pol_route_ou
> struct in6_addr saddr;
>
> ipv6_addr_copy(&saddr, &fl->fl6_src);
> +#ifdef CONFIG_IPV6_SUBTREES
> + if (!has_saddr && rule->src.plen > 0) {
> + /* a source prefix specific policy rule has to override the
> + normal source address selection process */
> + if (ipv6_get_saddr(fl->oif, &fl->fl6_dst, &rule->src, &saddr))
> + goto no_saddr;
> + has_saddr = RT6_LOOKUP_F_HAS_SADDR;
> + ipv6_addr_copy(&fl->fl6_src, &saddr);
> + }
> +#endif
> relookup:
> read_lock_bh(&table->tb6_lock);
I can see why you want the above change but we have to find another way.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
