Re: [2.1.4x] Patch for IPIP/Tunnel

Martin Mares (
Wed, 30 Jul 1997 19:30:14 +0200


> Nope, it is impossible in code "as is".
> It requires a bit of trickery.
> You could hack it to select a tunnel to assign
> all not classified IPIP packets to it f.e. to hook netdev notifier
> at ipip.c, catch the moment when the first tunnel goes up
> and select it, or catch when tunl or tunl0 goes up, and
> until this moment drop all such packets. Ugly.

Another solution would be to modify ip_find_tunnel to allow
a "catch all" tunnel interface (e.g., by setting the broadcast
flag or some similar hack) to be defined.

> Beware, if you just deleted ip_find_tunnel, firewall would
> not able to segregate packets arrived from tunnel and normal traffic.

No, for that experiment I've replaced ip_find_tunnel by a hacked
version which accepted the _first_ tunnel device it spotted.

Have a nice fortnight

Martin `MJ' Mares   <>
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
"Purchasing Windows is an Unrecoverable Application Error."