From: Patrick McHardy <kaber@trash.net>
To: "lartc@manchotnetworks.net" <lartc@manchotnetworks.net>
Cc: netfilter-devel <netfilter-devel@lists.netfilter.org>
Subject: Re: policy routing on locally generated packets
Date: Mon, 25 Aug 2003 14:31:58 +0200
Message-ID: <3F4A01BE.1090805@trash.net>
In-Reply-To: <1061813400.1289.36.camel@drs0.manchotnetworks.net>
[-- Attachment #1: Type: text/plain, Size: 996 bytes --]
lartc@manchotnetworks.net wrote:
>The statement would force a new routing decision to be made using the
>properties of the packet as it traverses the nat table, respecting any
>marking, tos, etc.
>
>Could any of you be kind enough to offer an analysis of such a new
>target, i.e. would it work, would it be terribly complex, ...
>
A new lookup is performed for an outgoing packet if any key affecting the
routing decision is changed. However, the source address is not influenced
by this lookup; for locally originating packets it is set to rt_src in
ip_queue_xmit and ip_build_and_send_pkt, but it doesn't happen
automatically with a new lookup. I'm not sure if it would be possible
to set a new source address; sockets which are bound to interfaces
might not accept packets anymore. You could try this patch; it changes
the packet's source after the routing key changed. Please make sure
both unbound and bound sockets work correctly.
Bye
Patrick
>
>
>Sincerely Yours,
>
>Charles Shick
[-- Attachment #2: x.diff --]
[-- Type: text/plain, Size: 399 bytes --]
===== net/core/netfilter.c 1.23 vs edited =====
--- 1.23/net/core/netfilter.c Thu Jul 31 01:57:26 2003
+++ edited/net/core/netfilter.c Mon Aug 25 14:25:19 2003
@@ -645,6 +645,7 @@
/* Drop old route. */
dst_release((*pskb)->dst);
(*pskb)->dst = &rt->u.dst;
+ iph->saddr = rt->rt_src;
} else {
/* non-local src, find valid iif to satisfy
* rp-filter when calling ip_route_input. */
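Review bot: The added `iph->saddr = rt->rt_src;` overwrites the source address unconditionally, so on this local-source branch a packet whose source was chosen by the socket (the bound-socket case the mail itself raises) is rewritten too, and nothing in the hunk refreshes the IP header checksum or the transport checksum, whose pseudo-header covers the source address. Consider rewriting only when `iph->saddr` actually differs from `rt->rt_src` and the source was not explicitly selected, updating the checksums in the same place, and adding a comment beside the assignment saying why the source has to follow the new route, since the existing "Drop old route." comment does not cover it.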