]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8394883) | patch
netfilter: ip6t_rpfilter: Fix regression with VRF interfaces
authorPhil Sutter <phil@nwl.cc>
Thu, 16 Feb 2023 16:05:36 +0000 (17:05 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 17 Oct 2024 13:12:01 +0000 (15:12 +0200)
commit8fcd1021b2608924fe3a9df45d99888ebdd2a28d
tree1c8d4d1d2a743f29a5e25bfcbe307fdfecd7118ctree
parent83948838e1c7a90015834d62932cec37d04941bfcommit | diff
netfilter: ip6t_rpfilter: Fix regression with VRF interfaces

commit efb056e5f1f0036179b2f92c1c15f5ea7a891d70 upstream.

When calling ip6_route_lookup() for the packet arriving on the VRF
interface, the result is always the real (slave) interface. Expect this
when validating the result.

Fixes: acc641ab95b66 ("netfilter: rpfilter/fib: Populate flowic_l3mdev field")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/ipv6/netfilter/ip6t_rpfilter.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git