diff options
| author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-04 17:17:31 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2021-06-10 13:39:24 +0200 |
| commit | 842c21d6a0427ed035e544cc49cc3f53b0cb41e0 (patch) | |
| tree | b7d5812916529ac356310255fe15c8736603414f /tools/testing | |
| parent | b8d72ac1f2106adb25ef3e178f373b930aee7d8c (diff) | |
| download | linux-stable-842c21d6a0427ed035e544cc49cc3f53b0cb41e0.tar.gz linux-stable-842c21d6a0427ed035e544cc49cc3f53b0cb41e0.tar.bz2 linux-stable-842c21d6a0427ed035e544cc49cc3f53b0cb41e0.zip | |
wireguard: selftests: make sure rp_filter is disabled on vethc
commit f8873d11d4121aad35024f9379e431e0c83abead upstream.
Some distros may enable strict rp_filter by default, which will prevent
vethc from receiving the packets with an unrouteable reverse path address.
Reported-by: Hangbin Liu <liuhangbin@gmail.com>
Fixes: e7096c131e51 ("net: WireGuard secure network tunnel")
Cc: stable@vger.kernel.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'tools/testing')
| -rwxr-xr-x | tools/testing/selftests/wireguard/netns.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/testing/selftests/wireguard/netns.sh b/tools/testing/selftests/wireguard/netns.sh index 7ed7cd95e58f..ebc4ee0fe179 100755 --- a/tools/testing/selftests/wireguard/netns.sh +++ b/tools/testing/selftests/wireguard/netns.sh @@ -363,6 +363,7 @@ ip1 -6 rule add table main suppress_prefixlength 0 ip1 -4 route add default dev wg0 table 51820 ip1 -4 rule add not fwmark 51820 table 51820 ip1 -4 rule add table main suppress_prefixlength 0 +n1 bash -c 'printf 0 > /proc/sys/net/ipv4/conf/vethc/rp_filter' # Flood the pings instead of sending just one, to trigger routing table reference counting bugs. n1 ping -W 1 -c 100 -f 192.168.99.7 n1 ping -W 1 -c 100 -f abab::1111 |