diff options
author | Stefan Tomanek <stefan.tomanek@wertarbyte.de> | 2013-08-02 17:19:56 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-08-03 00:24:22 +0200 |
commit | 6ef94cfafba159d6b1a902ccb3349ac6a34ff6ad (patch) | |
tree | f2d7afebf4534ea50273165f4b0798aed704a37c /net/ipv6 | |
parent | icmpv6_filter: allow ICMPv6 messages with bodies < 4 bytes (diff) | |
download | linux-6ef94cfafba159d6b1a902ccb3349ac6a34ff6ad.tar.xz linux-6ef94cfafba159d6b1a902ccb3349ac6a34ff6ad.zip |
fib_rules: add route suppression based on ifgroup
This change adds the ability to suppress a routing decision based upon the
interface group the selected interface belongs to. This allows it to
exclude specific devices from a routing decision.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/fib6_rules.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c index 554a4fbabfb3..36283267e2f8 100644 --- a/net/ipv6/fib6_rules.c +++ b/net/ipv6/fib6_rules.c @@ -122,14 +122,24 @@ out: static bool fib6_rule_suppress(struct fib_rule *rule, struct fib_lookup_arg *arg) { struct rt6_info *rt = (struct rt6_info *) arg->result; + struct net_device *dev = rt->rt6i_idev->dev; /* do not accept result if the route does * not meet the required prefix length */ - if (rt->rt6i_dst.plen < rule->table_prefixlen_min) { + if (rt->rt6i_dst.plen < rule->table_prefixlen_min) + goto suppress_route; + + /* do not accept result if the route uses a device + * belonging to a forbidden interface group + */ + if (rule->suppress_ifgroup != -1 && dev && dev->group == rule->suppress_ifgroup) + goto suppress_route; + + return false; + +suppress_route: ip6_rt_put(rt); return true; - } - return false; } static int fib6_rule_match(struct fib_rule *rule, struct flowi *fl, int flags) |