Re: [PATCH v4] net: netfilter: Fix rpfilter dropping vrf packets by mistake
From: David Ahern
Date: Sat Jun 29 2019 - 08:19:29 EST
On 6/28/19 8:13 PM, linmiaohe wrote:
> You're right. Fib rules code would set FLOWI_FLAG_SKIP_NH_OIF flag. But I set
> it here for distinguish with the flags & XT_RPFILTER_LOOSE branch. Without
> this, they do the same work and maybe should be combined. I don't want to
> do that as that makes code confusing.
> Is this code snipet below ok ? If so, I would delete this flag setting.
>
> } else if (netif_is_l3_master(dev) || netif_is_l3_slave(dev)) {
> fl6.flowi6_oif = dev->ifindex;
> } else if ((flags & XT_RPFILTER_LOOSE) == 0)
> fl6.flowi6_oif = dev->ifindex;
that looks fine to me, but it is up to Pablo.