Pandora Sourcecodes - pandora-kernel.git/commit

author	Jamal Hadi Salim <hadi@cyberus.ca>
	Sat, 26 Dec 2009 01:30:22 +0000 (17:30 -0800)
committer	David S. Miller <davem@davemloft.net>
	Sat, 26 Dec 2009 01:30:22 +0000 (17:30 -0800)
commit	28f6aeea3f12d37bd258b2c0d5ba891bff4ec479
tree	fadf8801f14420d7aac5d0a22812da8773c7f836	tree \| snapshot
parent	4a6e47a460ce55e283063fc3f7391c8ea46bea27	commit \| diff

net: restore ip source validation

when using policy routing and the skb mark:
there are cases where a back path validation requires us
to use a different routing table for src ip validation than
the one used for mapping ingress dst ip.
One such a case is transparent proxying where we pretend to be
the destination system and therefore the local table
is used for incoming packets but possibly a main table would
be used on outbound.
Make the default behavior to allow the above and if users
need to turn on the symmetry via sysctl src_valid_mark

Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/inetdevice.h		diff \| blob \| history
include/linux/sysctl.h		diff \| blob \| history
net/ipv4/devinet.c		diff \| blob \| history
net/ipv4/fib_frontend.c		diff \| blob \| history