[package] iptables: remove CHAOS and TARPIT patches
[openwrt.git] / target / linux / generic-2.6 / patches-2.6.23 / 201-multiple_default_gateways.patch
1 --- a/include/linux/rtnetlink.h
2 +++ b/include/linux/rtnetlink.h
3 @@ -293,6 +293,8 @@
4 #define RTNH_F_DEAD 1 /* Nexthop is dead (used by multipath) */
5 #define RTNH_F_PERVASIVE 2 /* Do recursive gateway lookup */
6 #define RTNH_F_ONLINK 4 /* Gateway is forced on link */
7 +#define RTNH_F_SUSPECT 8 /* We don't know the real state */
8 +#define RTNH_F_BADSTATE (RTNH_F_DEAD | RTNH_F_SUSPECT)
9
10 /* Macros to handle hexthops */
11
12 --- a/include/net/flow.h
13 +++ b/include/net/flow.h
14 @@ -19,6 +19,8 @@
15 struct {
16 __be32 daddr;
17 __be32 saddr;
18 + __u32 lsrc;
19 + __u32 gw;
20 __u8 tos;
21 __u8 scope;
22 } ip4_u;
23 @@ -43,6 +45,8 @@
24 #define fl6_flowlabel nl_u.ip6_u.flowlabel
25 #define fl4_dst nl_u.ip4_u.daddr
26 #define fl4_src nl_u.ip4_u.saddr
27 +#define fl4_lsrc nl_u.ip4_u.lsrc
28 +#define fl4_gw nl_u.ip4_u.gw
29 #define fl4_tos nl_u.ip4_u.tos
30 #define fl4_scope nl_u.ip4_u.scope
31
32 --- a/net/ipv4/route.c
33 +++ b/net/ipv4/route.c
34 @@ -1116,6 +1116,7 @@
35
36 /* Gateway is different ... */
37 rt->rt_gateway = new_gw;
38 + if (rt->fl.fl4_gw) rt->fl.fl4_gw = new_gw;
39
40 /* Redirect received -> path was valid */
41 dst_confirm(&rth->u.dst);
42 @@ -1551,6 +1552,7 @@
43 rth->fl.fl4_tos = tos;
44 rth->fl.mark = skb->mark;
45 rth->fl.fl4_src = saddr;
46 + rth->fl.fl4_lsrc = 0;
47 rth->rt_src = saddr;
48 #ifdef CONFIG_NET_CLS_ROUTE
49 rth->u.dst.tclassid = itag;
50 @@ -1561,6 +1563,7 @@
51 dev_hold(rth->u.dst.dev);
52 rth->idev = in_dev_get(rth->u.dst.dev);
53 rth->fl.oif = 0;
54 + rth->fl.fl4_gw = 0;
55 rth->rt_gateway = daddr;
56 rth->rt_spec_dst= spec_dst;
57 rth->rt_type = RTN_MULTICAST;
58 @@ -1624,7 +1627,7 @@
59 static inline int __mkroute_input(struct sk_buff *skb,
60 struct fib_result* res,
61 struct in_device *in_dev,
62 - __be32 daddr, __be32 saddr, u32 tos,
63 + __be32 daddr, __be32 saddr, u32 tos, u32 lsrc,
64 struct rtable **result)
65 {
66
67 @@ -1659,6 +1662,7 @@
68 flags |= RTCF_DIRECTSRC;
69
70 if (out_dev == in_dev && err && !(flags & (RTCF_NAT | RTCF_MASQ)) &&
71 + !lsrc &&
72 (IN_DEV_SHARED_MEDIA(out_dev) ||
73 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
74 flags |= RTCF_DOREDIRECT;
75 @@ -1692,6 +1696,7 @@
76 rth->fl.mark = skb->mark;
77 rth->fl.fl4_src = saddr;
78 rth->rt_src = saddr;
79 + rth->fl.fl4_lsrc = lsrc;
80 rth->rt_gateway = daddr;
81 rth->rt_iif =
82 rth->fl.iif = in_dev->dev->ifindex;
83 @@ -1699,6 +1704,7 @@
84 dev_hold(rth->u.dst.dev);
85 rth->idev = in_dev_get(rth->u.dst.dev);
86 rth->fl.oif = 0;
87 + rth->fl.fl4_gw = 0;
88 rth->rt_spec_dst= spec_dst;
89
90 rth->u.dst.input = ip_forward;
91 @@ -1720,19 +1726,21 @@
92 struct fib_result* res,
93 const struct flowi *fl,
94 struct in_device *in_dev,
95 - __be32 daddr, __be32 saddr, u32 tos)
96 + __be32 daddr, __be32 saddr, u32 tos,
97 + u32 lsrc)
98 {
99 struct rtable* rth = NULL;
100 int err;
101 unsigned hash;
102
103 + fib_select_default(fl, res);
104 #ifdef CONFIG_IP_ROUTE_MULTIPATH
105 - if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
106 + if (res->fi && res->fi->fib_nhs > 1)
107 fib_select_multipath(fl, res);
108 #endif
109
110 /* create a routing cache entry */
111 - err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
112 + err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, lsrc, &rth);
113 if (err)
114 return err;
115
116 @@ -1752,18 +1760,18 @@
117 */
118
119 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
120 - u8 tos, struct net_device *dev)
121 + u8 tos, struct net_device *dev, u32 lsrc)
122 {
123 struct fib_result res;
124 struct in_device *in_dev = in_dev_get(dev);
125 struct flowi fl = { .nl_u = { .ip4_u =
126 { .daddr = daddr,
127 - .saddr = saddr,
128 + .saddr = lsrc ? : saddr,
129 .tos = tos,
130 .scope = RT_SCOPE_UNIVERSE,
131 } },
132 .mark = skb->mark,
133 - .iif = dev->ifindex };
134 + .iif = lsrc? loopback_dev.ifindex : dev->ifindex };
135 unsigned flags = 0;
136 u32 itag = 0;
137 struct rtable * rth;
138 @@ -1796,6 +1804,12 @@
139 if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))
140 goto martian_destination;
141
142 + if (lsrc) {
143 + if (MULTICAST(lsrc) || BADCLASS(lsrc) ||
144 + ZERONET(lsrc) || LOOPBACK(lsrc))
145 + goto e_inval;
146 + }
147 +
148 /*
149 * Now we are ready to route packet.
150 */
151 @@ -1805,6 +1819,10 @@
152 goto no_route;
153 }
154 free_res = 1;
155 + if (lsrc && res.type != RTN_UNICAST && res.type != RTN_NAT)
156 + goto e_inval;
157 + fl.iif = dev->ifindex;
158 + fl.fl4_src = saddr;
159
160 RT_CACHE_STAT_INC(in_slow_tot);
161
162 @@ -1829,7 +1847,7 @@
163 if (res.type != RTN_UNICAST)
164 goto martian_destination;
165
166 - err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
167 + err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos, lsrc);
168 if (err == -ENOBUFS)
169 goto e_nobufs;
170 if (err == -EINVAL)
171 @@ -1844,6 +1862,8 @@
172 brd_input:
173 if (skb->protocol != htons(ETH_P_IP))
174 goto e_inval;
175 + if (lsrc)
176 + goto e_inval;
177
178 if (ZERONET(saddr))
179 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
180 @@ -1884,6 +1904,7 @@
181 rth->u.dst.dev = &loopback_dev;
182 dev_hold(rth->u.dst.dev);
183 rth->idev = in_dev_get(rth->u.dst.dev);
184 + rth->fl.fl4_gw = 0;
185 rth->rt_gateway = daddr;
186 rth->rt_spec_dst= spec_dst;
187 rth->u.dst.input= ip_local_deliver;
188 @@ -1933,8 +1954,9 @@
189 goto e_inval;
190 }
191
192 -int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
193 - u8 tos, struct net_device *dev)
194 +static inline int
195 +ip_route_input_cached(struct sk_buff *skb, __be32 daddr, __be32 saddr,
196 + u8 tos, struct net_device *dev, u32 lsrc)
197 {
198 struct rtable * rth;
199 unsigned hash;
200 @@ -1949,6 +1971,7 @@
201 if (rth->fl.fl4_dst == daddr &&
202 rth->fl.fl4_src == saddr &&
203 rth->fl.iif == iif &&
204 + rth->fl.fl4_lsrc == lsrc &&
205 rth->fl.oif == 0 &&
206 rth->fl.mark == skb->mark &&
207 rth->fl.fl4_tos == tos) {
208 @@ -1995,7 +2018,19 @@
209 rcu_read_unlock();
210 return -EINVAL;
211 }
212 - return ip_route_input_slow(skb, daddr, saddr, tos, dev);
213 + return ip_route_input_slow(skb, daddr, saddr, tos, dev, lsrc);
214 +}
215 +
216 +int ip_route_input(struct sk_buff *skb, u32 daddr, u32 saddr,
217 + u8 tos, struct net_device *dev)
218 +{
219 + return ip_route_input_cached(skb, daddr, saddr, tos, dev, 0);
220 +}
221 +
222 +int ip_route_input_lookup(struct sk_buff *skb, u32 daddr, u32 saddr,
223 + u8 tos, struct net_device *dev, u32 lsrc)
224 +{
225 + return ip_route_input_cached(skb, daddr, saddr, tos, dev, lsrc);
226 }
227
228 static inline int __mkroute_output(struct rtable **result,
229 @@ -2067,6 +2102,7 @@
230 rth->fl.fl4_tos = tos;
231 rth->fl.fl4_src = oldflp->fl4_src;
232 rth->fl.oif = oldflp->oif;
233 + rth->fl.fl4_gw = oldflp->fl4_gw;
234 rth->fl.mark = oldflp->mark;
235 rth->rt_dst = fl->fl4_dst;
236 rth->rt_src = fl->fl4_src;
237 @@ -2145,6 +2181,7 @@
238 struct flowi fl = { .nl_u = { .ip4_u =
239 { .daddr = oldflp->fl4_dst,
240 .saddr = oldflp->fl4_src,
241 + .gw = oldflp->fl4_gw,
242 .tos = tos & IPTOS_RT_MASK,
243 .scope = ((tos & RTO_ONLINK) ?
244 RT_SCOPE_LINK :
245 @@ -2248,6 +2285,7 @@
246 dev_out = &loopback_dev;
247 dev_hold(dev_out);
248 fl.oif = loopback_dev.ifindex;
249 + fl.fl4_gw = 0;
250 res.type = RTN_LOCAL;
251 flags |= RTCF_LOCAL;
252 goto make_route;
253 @@ -2255,7 +2293,7 @@
254
255 if (fib_lookup(&fl, &res)) {
256 res.fi = NULL;
257 - if (oldflp->oif) {
258 + if (oldflp->oif && dev_out->flags & IFF_UP) {
259 /* Apparently, routing tables are wrong. Assume,
260 that the destination is on link.
261
262 @@ -2295,6 +2333,7 @@
263 dev_out = &loopback_dev;
264 dev_hold(dev_out);
265 fl.oif = dev_out->ifindex;
266 + fl.fl4_gw = 0;
267 if (res.fi)
268 fib_info_put(res.fi);
269 res.fi = NULL;
270 @@ -2302,13 +2341,12 @@
271 goto make_route;
272 }
273
274 + if (res.type == RTN_UNICAST)
275 + fib_select_default(&fl, &res);
276 #ifdef CONFIG_IP_ROUTE_MULTIPATH
277 - if (res.fi->fib_nhs > 1 && fl.oif == 0)
278 + if (res.fi->fib_nhs > 1)
279 fib_select_multipath(&fl, &res);
280 - else
281 #endif
282 - if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
283 - fib_select_default(&fl, &res);
284
285 if (!fl.fl4_src)
286 fl.fl4_src = FIB_RES_PREFSRC(res);
287 @@ -2345,6 +2383,7 @@
288 rth->fl.fl4_src == flp->fl4_src &&
289 rth->fl.iif == 0 &&
290 rth->fl.oif == flp->oif &&
291 + rth->fl.fl4_gw == flp->fl4_gw &&
292 rth->fl.mark == flp->mark &&
293 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
294 (IPTOS_RT_MASK | RTO_ONLINK))) {
295 @@ -3030,3 +3069,4 @@
296 EXPORT_SYMBOL(__ip_select_ident);
297 EXPORT_SYMBOL(ip_route_input);
298 EXPORT_SYMBOL(ip_route_output_key);
299 +EXPORT_SYMBOL(ip_route_input_lookup);
This page took 0.06167 seconds and 5 git commands to generate.