Ok, this patch should fix it. Please test it.
It actually fixes two bugs: net_unreach was never send because of a
missing "-" and it allows sending ICMPs in the firewall checks when there
is no route. I replaced the unused RTCF_LOG flag with RTCF_BADROUTE.
Index: linux/include/linux/in_route.h
===================================================================
RCS file: /vger/u4/cvs/linux/include/linux/in_route.h,v
retrieving revision 1.4
diff -u -u -r1.4 linux/include/linux/in_route.h
--- linux/include/linux/in_route.h 05:47:11 1.4
+++ linux/include/linux/in_route.h 20:15:30
@@ -18,7 +18,8 @@
#define RTCF_MASQ 0x00400000
#define RTCF_SNAT 0x00800000
#define RTCF_DOREDIRECT 0x01000000
-#define RTCF_LOG 0x02000000
+/* #define RTCF_LOG 0x02000000 */
+#define RTCF_BADROUTE 0x02000000
#define RTCF_DIRECTSRC 0x04000000
#define RTCF_DNAT 0x08000000
#define RTCF_BROADCAST 0x10000000
Index: linux/net/ipv4/route.c
===================================================================
RCS file: /vger/u4/cvs/linux/net/ipv4/route.c,v
retrieving revision 1.50
diff -u -u -r1.50 linux/net/ipv4/route.c
--- linux/net/ipv4/route.c 06:23:25 1.50
+++ linux/net/ipv4/route.c 20:15:33
@@ -1097,7 +1097,7 @@
rth->u.dst.input= ip_local_deliver;
if (res.type == RTN_UNREACHABLE) {
rth->u.dst.input= ip_error;
- rth->u.dst.error= err;
+ rth->u.dst.error= -err;
}
rth->rt_flags = flags|RTCF_LOCAL;
rth->rt_type = res.type;
@@ -1105,6 +1105,7 @@
return 0;
no_route:
+ flags |= RTCF_BADROUTE;
spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
res.type = RTN_UNREACHABLE;
goto local_input;
Index: linux/net/ipv4/icmp.c
===================================================================
RCS file: /vger/u4/cvs/linux/net/ipv4/icmp.c,v
retrieving revision 1.41
diff -u -u -r1.41 linux/net/ipv4/icmp.c
--- linux/net/ipv4/icmp.c 22:12:10 1.41
+++ linux/net/ipv4/icmp.c 20:15:34
@@ -539,7 +539,7 @@
*/
saddr = iph->daddr;
- if (!(rt->rt_flags&RTCF_LOCAL))
+ if (!(rt->rt_flags& RTCF_LOCAL) || (rt->rt_flags & RTCF_BADROUTE))
saddr = 0;
tos = icmp_pointers[type].error ?
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu