From: Dmitry Popov
Date: Wed, 9 Jul 2014 04:47:59 +0400
> How I see ip_tunnel_lookup logic:
> 1) try to find exact match (and if found return this tunnel):
> tunnel.saddr == iph.daddr && tunnel.daddr == iph.saddr && key_matched()
> 2) try to find matched (local) wildcard tunnel:
> tunnel.saddr ==
On Tue, 08 Jul 2014 15:12:10 -0700 (PDT)
David Miller wrote:
> From: Dmitry Popov
> Date: Sat, 5 Jul 2014 02:26:37 +0400
>
> > @@ -205,6 +207,8 @@ struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net
> > *itn,
> >
> > hlist_for_each_entry_rcu(t, head, hash_node) {
> > if (
From: Dmitry Popov
Date: Sat, 5 Jul 2014 02:26:37 +0400
> @@ -205,6 +207,8 @@ struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net
> *itn,
>
> hlist_for_each_entry_rcu(t, head, hash_node) {
> if (t->parms.i_key != key ||
> + t->parms.iph.saddr != 0 ||
> +
This patch fixes 3 similar bugs where incoming packets might be routed into
wrong non-wildcard tunnels:
1) Consider the following setup:
ip address add 1.1.1.1/24 dev eth0
ip address add 1.1.1.2/24 dev eth0
ip tunnel add ipip1 remote 2.2.2.2 local 1.1.1.1 mode ipip dev eth0
ip link
4 matches
Mail list logo
