net: Don't proxy arp respond if iif == rt->dst.dev if private VLAN is disabled

Commit 653241 (net: RFC3069, private VLAN proxy arp support) changed the behavior of arp proxy to send arp replies back out on the interface the request came in even if the private VLAN feature is disabled. Previously we checked rt->dst.dev != skb->dev for in scenarios, when proxy arp is enabled on for the netdevice and also when individual proxy neighbour entries have been added. This patch adds the check back for the pneigh_lookup() scenario. Signed-off-by: N Thomas Graf <tgraf@suug.ch> Acked-by: N Jesper Dangaard Brouer <hawk@comx.dk> Signed-off-by: N David S. Miller <davem@davemloft.net>

net: Don't proxy arp respond if iif == rt->dst.dev if private VLAN is disabled
Commit 653241 (net: RFC3069, private VLAN proxy arp support) changed the behavior of arp proxy to send arp replies back out on the interface the request came in even if the private VLAN feature is disabled. Previously we checked rt->dst.dev != skb->dev for in scenarios, when proxy arp is enabled on for the netdevice and also when individual proxy neighbour entries have been added. This patch adds the check back for the pneigh_lookup() scenario. Signed-off-by: N Thomas Graf <tgraf@suug.ch> Acked-by: N Jesper Dangaard Brouer <hawk@comx.dk> Signed-off-by: N David S. Miller <davem@davemloft.net>
70620c46 · Thomas Graf · David S. Miller · 5dc7883f · 70620c46
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

net/ipv4/arp.c net/ipv4/arp.c +2 -1

未找到文件。
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -863,7 +863,8 @@ static int arp_process(struct sk_buff *skb)
 			if (addr_type == RTN_UNICAST  &&
 			    (arp_fwd_proxy(in_dev, dev, rt) ||
 			     arp_fwd_pvlan(in_dev, dev, rt, sip, tip) ||
-			     pneigh_lookup(&arp_tbl, net, &tip, dev, 0))) {
+			     (rt->dst.dev != dev &&
+			      pneigh_lookup(&arp_tbl, net, &tip, dev, 0)))) {
 				n = neigh_event_ns(&arp_tbl, sha, &sip, dev);
 				if (n)
 					neigh_release(n);