summaryrefslogtreecommitdiffstats
path: root/net/ipv6/fib6_rules.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6/fib6_rules.c')
-rw-r--r--net/ipv6/fib6_rules.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index 554a4fbabfb3..36283267e2f8 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -122,14 +122,24 @@ out:
static bool fib6_rule_suppress(struct fib_rule *rule, struct fib_lookup_arg *arg)
{
struct rt6_info *rt = (struct rt6_info *) arg->result;
+ struct net_device *dev = rt->rt6i_idev->dev;
/* do not accept result if the route does
* not meet the required prefix length
*/
- if (rt->rt6i_dst.plen < rule->table_prefixlen_min) {
+ if (rt->rt6i_dst.plen < rule->table_prefixlen_min)
+ goto suppress_route;
+
+ /* do not accept result if the route uses a device
+ * belonging to a forbidden interface group
+ */
+ if (rule->suppress_ifgroup != -1 && dev && dev->group == rule->suppress_ifgroup)
+ goto suppress_route;
+
+ return false;
+
+suppress_route:
ip6_rt_put(rt);
return true;
- }
- return false;
}
static int fib6_rule_match(struct fib_rule *rule, struct flowi *fl, int flags)
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 06:32:03 +0100