Commit 730eed27 authored by Guillaume Nault's avatar Guillaume Nault Committed by David S. Miller

sit: allow redirecting ip6ip, ipip and mplsip packets to eth devices

Even though sit transports L3 data (IPv6, IPv4 or MPLS) packets, it
needs to reset the mac_header pointer, so that other parts of the stack
don't mistakenly access the outer header after the packet has been
decapsulated. There are two rx handlers to modify: ipip6_rcv() for the
ip6ip mode and sit_tunnel_rcv() which is used to re-implement the ipip
and mplsip modes of ipip.ko.

This allows to push an Ethernet header to sit packets and redirect
them to an Ethernet device:

  $ tc filter add dev sit0 ingress matchall          \
      action vlan push_eth dst_mac 00:00:5e:00:53:01 \
                           src_mac 00:00:5e:00:53:00 \
      action mirred egress redirect dev eth0

Without this patch, push_eth refuses to add an ethernet header because
the skb appears to already have a MAC header.
Signed-off-by: default avatarGuillaume Nault <gnault@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 7ad136fd
...@@ -710,6 +710,8 @@ static int ipip6_rcv(struct sk_buff *skb) ...@@ -710,6 +710,8 @@ static int ipip6_rcv(struct sk_buff *skb)
* old iph is no longer valid * old iph is no longer valid
*/ */
iph = (const struct iphdr *)skb_mac_header(skb); iph = (const struct iphdr *)skb_mac_header(skb);
skb_reset_mac_header(skb);
err = IP_ECN_decapsulate(iph, skb); err = IP_ECN_decapsulate(iph, skb);
if (unlikely(err)) { if (unlikely(err)) {
if (log_ecn_error) if (log_ecn_error)
...@@ -780,6 +782,8 @@ static int sit_tunnel_rcv(struct sk_buff *skb, u8 ipproto) ...@@ -780,6 +782,8 @@ static int sit_tunnel_rcv(struct sk_buff *skb, u8 ipproto)
tpi = &ipip_tpi; tpi = &ipip_tpi;
if (iptunnel_pull_header(skb, 0, tpi->proto, false)) if (iptunnel_pull_header(skb, 0, tpi->proto, false))
goto drop; goto drop;
skb_reset_mac_header(skb);
return ip_tunnel_rcv(tunnel, skb, tpi, NULL, log_ecn_error); return ip_tunnel_rcv(tunnel, skb, tpi, NULL, log_ecn_error);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment