RE: IP Masq weirdness

Joseph Gooch (mrwizard@psu.edu)
Sat, 23 Oct 1999 01:01:50 -0400


This is a multi-part message in MIME format.

------=_NextPart_000_0001_01BF1CF2.3151C8D0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Slightly revised version. We should look up routes based on the src, dst,
and tos, and select a local address by the gateway. So I modified
ip_masq_select_addr to take several more parameters so it can make a more
informed (and correct) decision.

I'm learning! Yay!
Also incorporate Alexey's suggested fix to ip_masq_user.c, where
maddr=rt->rt_src is actually correct.

Joe

------=_NextPart_000_0001_01BF1CF2.3151C8D0
Content-Type: application/octet-stream;
name="masq.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="masq.patch"

diff -ur linux-2.2.13-vanilla/include/net/ip_masq.h =
linux-2.2.13-ipmasq/include/net/ip_masq.h=0A=
--- linux-2.2.13-vanilla/include/net/ip_masq.h Sat Oct 23 00:18:58 1999=0A=
+++ linux-2.2.13-ipmasq/include/net/ip_masq.h Sat Oct 23 00:19:25 1999=0A=
@@ -153,7 +153,7 @@=0A=
extern struct list_head ip_masq_d_table[IP_MASQ_TAB_SIZE];=0A=
extern const char * ip_masq_state_name(int state);=0A=
extern struct ip_masq_hook *ip_masq_user_hook;=0A=
-extern u32 ip_masq_select_addr(struct device *dev, u32 dst, int scope);=0A=
+extern u32 ip_masq_select_addr(struct device *dev, u32 src, u32 =
gateway, u32 dst, u32 tos, int scope);=0A=
/*=0A=
* =0A=
* IP_MASQ_APP: IP application masquerading definitions =0A=
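Review bot: The widened prototype now takes four adjacent `u32` arguments (`src`, `gateway`, `dst`, `tos`), so a call that swaps two of them compiles without a warning. A short comment on the declaration would help, for example `/* src, gateway, dst: IPv4 addresses in network order; tos: TOS byte from the IP header */`, with the byte order confirmed against the callers. Any caller outside this patch that still uses the three-argument form will fail to build, so a grep of the tree is worth doing before merging.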
diff -ur linux-2.2.13-vanilla/net/ipv4/ip_forward.c =
linux-2.2.13-ipmasq/net/ipv4/ip_forward.c=0A=
--- linux-2.2.13-vanilla/net/ipv4/ip_forward.c Sun Mar 21 10:22:00 1999=0A=
+++ linux-2.2.13-ipmasq/net/ipv4/ip_forward.c Sat Oct 23 00:16:08 1999=0A=
@@ -10,6 +10,8 @@=0A=
* Authors: see ip.c=0A=
*=0A=
* Fixes:=0A=
+ * Joseph Gooch : Changed inet_select_addr to ip_masq_select_addr=0A=
+ * : It's only used for that anyway.=0A=
* Many : Split from ip.c , see ip_input.c for =0A=
* history.=0A=
* Dave Gregorich : NULL ip_rt_put fix for multicast =0A=
@@ -176,7 +178,7 @@=0A=
(icmph->type=3D=3DICMP_TIME_EXCEEDED))=0A=
{=0A=
#endif=0A=
- maddr =3D inet_select_addr(dev2, rt->rt_gateway, RT_SCOPE_UNIVERSE);=0A=
+ maddr =3D ip_masq_select_addr(dev2, rt->rt_src, rt->rt_gateway, =
rt->rt_dst, iph->tos, RT_SCOPE_UNIVERSE);=0A=
fw_res =3D ip_fw_masq_icmp(&skb, maddr);=0A=
if (fw_res < 0) {=0A=
kfree_skb(skb);=0A=
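Review bot: `iph->tos` is passed unmasked from the forwarded packet's header into the route lookup, here and again in the hunk at -226,7. ip_route_output is not part of this patch, so this needs confirming, but if its tos argument carries flag bits outside the TOS field (the low bit is, as far as I recall, RTO_ONLINK in this tree), then bits chosen by the sender could change how the lookup is done. Masking at the call site keeps the lookup keyed on the TOS field only: `RT_TOS(iph->tos)` in place of `iph->tos`. The enclosing function starts and ends outside both hunks.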
@@ -187,7 +189,7 @@=0A=
/* ICMP matched - skip firewall */=0A=
goto skip_call_fw_firewall;=0A=
#ifdef CONFIG_IP_MASQUERADE_ICMP=0A=
- }=0A=
+ }=0A=
#endif =0A=
}=0A=
if (rt->rt_flags&RTCF_MASQ)=0A=
@@ -226,7 +228,7 @@=0A=
=0A=
if (maddr =3D=3D 0)=0A=
#endif=0A=
- maddr =3D inet_select_addr(dev2, rt->rt_gateway, RT_SCOPE_UNIVERSE);=0A=
+ maddr =3D ip_masq_select_addr(dev2, rt->rt_src, rt->rt_gateway, =
rt->rt_dst, iph->tos, RT_SCOPE_UNIVERSE);=0A=
=0A=
if (ip_fw_masquerade(&skb, maddr) < 0) {=0A=
kfree_skb(skb);=0A=
diff -ur linux-2.2.13-vanilla/net/ipv4/ip_masq.c =
linux-2.2.13-ipmasq/net/ipv4/ip_masq.c=0A=
--- linux-2.2.13-vanilla/net/ipv4/ip_masq.c Fri Oct 22 01:43:54 1999=0A=
+++ linux-2.2.13-ipmasq/net/ipv4/ip_masq.c Sat Oct 23 00:14:32 1999=0A=
@@ -10,6 +10,8 @@=0A=
* See ip_fw.c for original log=0A=
*=0A=
* Fixes:=0A=
+ * Joseph Gooch : Modified ip_masq_select_addr to do a route table =
lookup=0A=
+ * (help by Dan Drown) : to choose the proper local address.=0A=
* Juan Jose Ciarlante : Modularized application masquerading (see =
ip_masq_app.c)=0A=
* Juan Jose Ciarlante : New struct ip_masq_seq that holds output/input =
delta seq.=0A=
* Juan Jose Ciarlante : Added hashed lookup by proto,maddr,mport and =
proto,saddr,sport=0A=
@@ -2478,9 +2480,18 @@=0A=
/*=0A=
* Wrapper over inet_select_addr()=0A=
*/=0A=
-u32 ip_masq_select_addr(struct device *dev, u32 dst, int scope)=0A=
+u32 ip_masq_select_addr(struct device *dev, u32 src, u32 gateway, u32 =
dst, u32 tos, int scope)=0A=
{=0A=
- return inet_select_addr(dev, dst, scope);=0A=
+ struct rtable *rt;=0A=
+ u32 maddr;=0A=
+=0A=
+ if (ip_route_output(&rt, dst, src, tos, dev?dev->ifindex:0))=0A=
+ return inet_select_addr(dev, gateway, scope); /* Fallback on old =
method */=0A=
+=0A=
+ /* Route lookup succeeded */=0A=
+ maddr =3D rt->rt_src;=0A=
+ ip_rt_put(rt);=0A=
+ return maddr;=0A=
}=0A=
=0A=
/*=0A=
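Review bot: The lookup is keyed on `src`, which both ip_forward.c callers fill with `rt->rt_src` of the packet being forwarded, presumably the address of the host behind the masquerader rather than a local address. ip_route_output is not shown in this patch, so this needs confirming, but either it rejects a non-local source and the function always takes the inet_select_addr fallback, or it accepts it and the returned `rt->rt_src` may simply be that internal address, which would then be used as the masquerade address. Letting the routing code choose the source avoids both cases: `ip_route_output(&rt, dst, 0, tos, dev ? dev->ifindex : 0)`. The comment above the function still reads "Wrapper over inet_select_addr()" and should say that a route lookup is tried first, e.g. `/* Take the masq address from the output route to dst; fall back to inet_select_addr() on the gateway */`.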
diff -ur linux-2.2.13-vanilla/net/ipv4/ip_masq_user.c =
linux-2.2.13-ipmasq/net/ipv4/ip_masq_user.c=0A=
--- linux-2.2.13-vanilla/net/ipv4/ip_masq_user.c Fri Oct 22 13:01:48 1999=0A=
+++ linux-2.2.13-ipmasq/net/ipv4/ip_masq_user.c Fri Oct 22 13:03:15 1999=0A=
@@ -100,7 +100,7 @@=0A=
return ret;=0A=
}=0A=
dev =3D rt->u.dst.dev;=0A=
- ums->maddr =3D ip_masq_select_addr(dev, rt->rt_gateway, =
RT_SCOPE_UNIVERSE);=0A=
+ ums->maddr =3D rt->rt_src; /* Per Alexey */=0A=
=0A=
IP_MASQ_DEBUG(1-debug, "did setup maddr=3D%lX\n", ntohl(ums->maddr));=0A=
ip_rt_put(rt);=0A=
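Review bot: The new comment `/* Per Alexey */` records who suggested the assignment but not why it is right, and a later reader needs the reason because this path no longer goes through ip_masq_select_addr as ip_forward.c does. Something like `/* the route's preferred source is the address to masquerade as */` would carry the reasoning, assuming that is the rationale discussed on the list. The lines that obtain `rt` are above the hunk, so whether that lookup was given a caller-supplied source address cannot be checked from here.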

------=_NextPart_000_0001_01BF1CF2.3151C8D0--
