Re: [PATCH v3] net: netfilter: Fix rpfilter dropping vrf packets by mistake

From: David Ahern
Date: Fri Apr 26 2019 - 12:06:20 EST

Next message: Gustavo A. R. Silva: "Re: [PATCH net-next] net: socket: Fix missing break in switch statement"
Previous message: Guo Ren: "Re: [PATCH] riscv: Support non-coherency memory model"
In reply to: linmiaohe: "[PATCH v3] net: netfilter: Fix rpfilter dropping vrf packets by mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/25/19 7:43 AM, linmiaohe wrote:
> From: Miaohe Lin <linmiaohe@xxxxxxxxxx>
>
> When firewalld is enabled with ipv4/ipv6 rpfilter, vrf
> ipv4/ipv6 packets will be dropped because in device is
> vrf but out device is an enslaved device. So failed with
> the check of the rpfilter.
>
> Signed-off-by: Miaohe Lin <linmiaohe@xxxxxxxxxx>
> ---
> net/ipv4/netfilter/ipt_rpfilter.c | 1 +
> net/ipv6/netfilter/ip6t_rpfilter.c | 10 +++++++++-
> 2 files changed, 10 insertions(+), 1 deletion(-)
>

Reviewed-by: David Ahern <dsahern@xxxxxxxxx>

Next message: Gustavo A. R. Silva: "Re: [PATCH net-next] net: socket: Fix missing break in switch statement"
Previous message: Guo Ren: "Re: [PATCH] riscv: Support non-coherency memory model"
In reply to: linmiaohe: "[PATCH v3] net: netfilter: Fix rpfilter dropping vrf packets by mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]