Re: [PATCH v4] net: netfilter: Fix rpfilter dropping vrf packets by mistake

From: David Ahern <hidden>
Date: 2019-06-29 12:19:27
Also in: lkml, netfilter-devel

On 6/28/19 8:13 PM, linmiaohe wrote:

You're right. Fib rules code would set FLOWI_FLAG_SKIP_NH_OIF flag.  But I set
it here for distinguish with the flags & XT_RPFILTER_LOOSE branch. Without
this, they do the same work and maybe should be  combined. I don't want to
do that as that makes code confusing.
Is this code snipet below ok ? If so, I would delete this flag setting.
 
       } else if (netif_is_l3_master(dev) || netif_is_l3_slave(dev)) {
               fl6.flowi6_oif = dev->ifindex;
        } else if ((flags & XT_RPFILTER_LOOSE) == 0)
                fl6.flowi6_oif = dev->ifindex;

that looks fine to me, but it is up to Pablo.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help