1
linux/net
Masahide NAKAMURA 3b26a9a655 [IPV4] IPSEC: Omit redirect for tunnelled packet.
IPv4 IPsec tunnel gateway incorrectly sends redirect to
sender if it is onlink host when network device the IPsec tunnelled
packet is arrived is the same as the one the decapsulated packet
is sent.

With this patch, it omits to send the redirect when the forwarding
skbuff carries secpath, since such skbuff should be assumed as
a decapsulated packet from IPsec tunnel by own.

Request for comments:
Alternatively we'd have another way to change net/ipv4/route.c
(__mkroute_input) to use RTCF_DOREDIRECT flag unless skbuff
has no secpath. It is better than this patch at performance
point of view because IPv4 redirect judgement is done at
routing slow-path. However, it should be taken care of resource
changes between SAD(XFRM states) and routing table. In other words,
When IPv4 SAD is changed does the related routing entry go to its
slow-path? If not, it is reasonable to apply this patch.

Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 16:48:33 -07:00
..
9p 9p: fix bad error path in conversion routines 2007-08-23 10:25:05 -05:00
802 [SNAP]: Check packet length before reading 2007-08-21 20:58:13 -07:00
8021q [VLAN]: Fix net_device leak. 2007-09-16 16:43:04 -07:00
appletalk [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
atm [ATM]: Replace DPRINTK() with pr_debug(). 2007-10-10 16:48:27 -07:00
ax25 [AX25]: don't free pointers to statically allocated data 2007-08-14 17:24:05 -07:00
bluetooth [BLUETOOTH]: Fix non-COMPAT build of hci_sock.c 2007-09-12 14:10:58 +02:00
bridge [NET] skbuff: Add skb_cow_head 2007-09-16 16:21:16 -07:00
core [ETHTOOL]: Internal cleanup of ethtool_value-related handlers 2007-10-10 16:48:09 -07:00
dccp [DCCP]: Nuke the timeval helpers now that we fully converted to ktime_t 2007-10-10 16:48:17 -07:00
decnet [DECNET]: Fix interface address listing regression. 2007-09-11 10:45:15 +02:00
econet [ECONET]: remove econet_packet_type on unload 2007-08-14 17:25:20 -07:00
ethernet [NET] ethernet: optimize memcpy and memset 2007-10-10 16:48:26 -07:00
ieee80211 Merge branch 'fixes-jgarzik' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 into upstream-fixes 2007-10-03 13:39:16 -04:00
ipv4 [IPV4] IPSEC: Omit redirect for tunnelled packet. 2007-10-10 16:48:33 -07:00
ipv6 [IPV6] IPSEC: Omit redirect for tunnelled packet. 2007-10-10 16:48:33 -07:00
ipx [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
irda [IRDA] irda_nl_get_mode: always results in failure 2007-08-21 21:23:39 -07:00
iucv [S390] Convert to smp_call_function_single. 2007-07-27 12:29:17 +02:00
key [NET] Cleanup: DIV_ROUND_UP 2007-10-10 16:48:30 -07:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
mac80211 [MAC80211]: Add SIOCGIWTXPOWER routine 2007-10-10 16:47:42 -07:00
netfilter [NETFILTER]: nfnetlink_log: fix sending of multipart messages 2007-09-20 12:13:52 -07:00
netlabel [NetLabel]: add missing rcu_dereference() calls in the LSM domain mapping hash table 2007-08-07 17:53:10 -07:00
netlink [GENETLINK]: Correctly report errors while registering a multicast group 2007-07-24 15:34:53 -07:00
netrom [NET] NETROM: Fix whitespace errors. 2007-07-19 10:44:32 +09:00
packet [NET] PACKET: Fix whitespace errors. 2007-07-19 10:44:35 +09:00
rfkill [NET] RFKILL: Fix whitespace errors. 2007-07-19 10:44:38 +09:00
rose [ROSE]: Fix rose.ko oops on unload 2007-10-07 23:44:17 -07:00
rxrpc net/* misc endianness annotations 2007-07-26 11:11:56 -07:00
sched [NET]: Make NAPI polling independent of struct net_device objects. 2007-10-10 16:47:45 -07:00
sctp [IPV6]: Add v4mapped address inline 2007-10-10 16:48:32 -07:00
sunrpc rpc: fix garbage in printk in svc_tcp_accept() 2007-09-20 13:15:57 -07:00
tipc [TIPC]: Clean up duplicate includes in net/tipc/ 2007-08-13 22:52:07 -07:00
unix [AF_UNIX]: Make code static. 2007-07-31 02:28:27 -07:00
wanrouter [NET]: Removal of duplicated include net/wanrouter/wanmain.c 2007-08-02 19:42:22 -07:00
wireless [WIRELESS] radiotap parser: accept all other fields 2007-10-10 16:47:43 -07:00
x25 [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
xfrm [XFRM] netlink: Inline attach_encap_tmpl(), attach_sec_ctx(), and attach_one_addr() 2007-10-10 16:48:26 -07:00
compat.c O_CLOEXEC for SCM_RIGHTS 2007-07-16 09:05:45 -07:00
Kconfig 9p: Reorganization of 9p file system code 2007-07-14 15:13:40 -05:00
Makefile 9p: Reorganization of 9p file system code 2007-07-14 15:13:40 -05:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c [NET]: Zero length write() on socket should not simply return 0. 2007-09-27 13:52:00 -07:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
TUNABLE