git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Phil Sutter <phil@nwl.cc>
	Wed, 5 Oct 2022 16:07:05 +0000 (18:07 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 17 Oct 2024 13:11:57 +0000 (15:11 +0200)
commit	5c6cb7ab36e780fee8ee008dc2b81fe612610c6f
tree	b78831d300e7957b78b02d1672946c531f0c52fc	tree
parent	5bcde9b4302120d79370448fdb9356b7220b5e9f	commit \| diff

netfilter: rpfilter/fib: Populate flowic_l3mdev field

[ Upstream commit acc641ab95b66b813c1ce856c377a2bbe71e7f52 ]

Use the introduced field for correct operation with VRF devices instead
of conditionally overwriting flowic_oif. This is a partial revert of
commit b575b24b8eee3 ("netfilter: Fix rpfilter dropping vrf packets by
mistake"), implementing a simpler solution.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: David Ahern <dsahern@kernel.org>
Reviewed-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Stable-dep-of: 05ef7055debc ("netfilter: fib: check correct rtable in vrf setups")
Signed-off-by: Sasha Levin <sashal@kernel.org>

net/ipv4/netfilter/ipt_rpfilter.c		diff \| blob \| blame \| history
net/ipv4/netfilter/nft_fib_ipv4.c		diff \| blob \| blame \| history
net/ipv6/netfilter/ip6t_rpfilter.c		diff \| blob \| blame \| history
net/ipv6/netfilter/nft_fib_ipv6.c		diff \| blob \| blame \| history