summaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorPaolo Abeni <pabeni@redhat.com>2015-10-14 14:25:53 +0200
committerDavid S. Miller <davem@davemloft.net>2015-10-14 06:01:07 -0700
commit02a6d6136fa2a17f400a030829a6435556b3e65b (patch)
tree1f07c6a39405a3e650f5e6b48b0cf68ae9adefdc /net/ipv4
parent7d1f6411b04fef2f0a260205c92e811b280ae117 (diff)
downloadlinux-02a6d6136fa2a17f400a030829a6435556b3e65b.tar.bz2
Revert "ipv4/icmp: redirect messages can use the ingress daddr as source"
Revert the commit e2ca690b657f ("ipv4/icmp: redirect messages can use the ingress daddr as source"), which tried to introduce a more suitable behaviour for ICMP redirect messages generated by VRRP routers. However RFC 5798 section 8.1.1 states: The IPv4 source address of an ICMP redirect should be the address that the end-host used when making its next-hop routing decision. while said commit used the generating packet destination address, which do not match the above and in most cases leads to no redirect packets to be generated. Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/icmp.c9
-rw-r--r--net/ipv4/sysctl_net_ipv4.c7
2 files changed, 1 insertions, 15 deletions
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index f3c356b7c1f0..36e26977c908 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -659,9 +659,7 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, __be32 info)
*/
saddr = iph->daddr;
- if (!((type == ICMP_REDIRECT) &&
- net->ipv4.sysctl_icmp_redirects_use_orig_daddr) &&
- !(rt->rt_flags & RTCF_LOCAL)) {
+ if (!(rt->rt_flags & RTCF_LOCAL)) {
struct net_device *dev = NULL;
rcu_read_lock();
@@ -1224,11 +1222,6 @@ static int __net_init icmp_sk_init(struct net *net)
net->ipv4.sysctl_icmp_ratemask = 0x1818;
net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr = 0;
- /* Control paramerer - use the daddr of originating packets as saddr
- * in redirect messages?
- */
- net->ipv4.sysctl_icmp_redirects_use_orig_daddr = 0;
-
return 0;
fail:
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 30a531ccbf77..894da3a70aff 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -818,13 +818,6 @@ static struct ctl_table ipv4_net_table[] = {
.proc_handler = proc_dointvec
},
{
- .procname = "icmp_redirects_use_orig_daddr",
- .data = &init_net.ipv4.sysctl_icmp_redirects_use_orig_daddr,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = proc_dointvec
- },
- {
.procname = "icmp_ratelimit",
.data = &init_net.ipv4.sysctl_icmp_ratelimit,
.maxlen = sizeof(int),