netfilter: xt_TEE: don't use destination address found in header
Torsten Luettgert bisected TEE regression starting with commit f8126f1d (ipv4: Adjust semantics of rt->rt_gateway.) The problem is that it tries to ARP-lookup the original destination address of the forwarded packet, not the address of the gateway. Fix this using FLOWI_FLAG_KNOWN_NH Julian added in commit c92b9655 (ipv4: Add FLOWI_FLAG_KNOWN_NH), so that known nexthop (info->gw.ip) has preference on resolving. Reported-by: NTorsten Luettgert <ml-netfilter@enda.eu> Bisected-by: NTorsten Luettgert <ml-netfilter@enda.eu> Tested-by: NTorsten Luettgert <ml-netfilter@enda.eu> Cc: Julian Anastasov <ja@ssi.bg> Signed-off-by: NEric Dumazet <edumazet@google.com> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
Showing
想要评论请 注册 或 登录