Re: Re-routing packets via netfilter (ip_rt_bug)
From: Patrick McHardy
Date: Mon Apr 25 2005 - 04:09:14 EST
Yair Itzhaki wrote:
While traversing packets through Netfilter, changing dest address from a foreign to a local address causes the packet to drop (and show up at ip_rt_bug(), along a syslog entry).
Does this patch fix your problem?
[NETFILTER]: Don't use ip_route_input() for local addresses
Local input routes have ->output set to ip_rt_bug().
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
---
commit bef30866b7440f4c8aff99dc025ea99b8d396390
tree a469360c577fdf6919b9a771521eca120103db45
parent a5c2178d8f07f6180a2daf8df4524cf3b45e62ed
author Patrick McHardy <kaber@xxxxxxxxx> 1114419959 +0200
committer Patrick McHardy <kaber@xxxxxxxxx> 1114419959 +0200
Index: net/core/netfilter.c
===================================================================
--- 70652aa8f30bea3ea83594cc4a47a11f7a8db89d/net/core/netfilter.c (mode:100644 sha1:e51cfa46950cf8f1f4dea42be94e71d76d8c3c5b)
+++ a469360c577fdf6919b9a771521eca120103db45/net/core/netfilter.c (mode:100644 sha1:85936a0b23d9ea42e2cd9d45e8254c2f780eb786)
@@ -611,7 +611,8 @@
/* some non-standard hacks like ipt_REJECT.c:send_reset() can cause
* packets with foreign saddr to appear on the NF_IP_LOCAL_OUT hook.
*/
- if (inet_addr_type(iph->saddr) == RTN_LOCAL) {
+ if (inet_addr_type(iph->saddr) == RTN_LOCAL ||
+ inet_addr_type(iph->daddr) == RTN_LOCAL) {
fl.nl_u.ip4_u.daddr = iph->daddr;
fl.nl_u.ip4_u.saddr = iph->saddr;
fl.nl_u.ip4_u.tos = RT_TOS(iph->tos);