summaryrefslogtreecommitdiffstats
path: root/kernel/bpf
diff options
context:
space:
mode:
authorShmulik Ladkani <shmulik.ladkani@gmail.com>2017-10-21 00:25:15 +0300
committerDavid S. Miller <davem@davemloft.net>2017-10-25 10:33:27 +0900
commit908d140a87a794bf89717ceae54aba5ce86c52e4 (patch)
tree37abafa4f9ebc332c7e646d44e1cf69440171204 /kernel/bpf
parent6a331e1513afb9019722fdd8d4c08533d79fbb81 (diff)
downloadlinux-908d140a87a794bf89717ceae54aba5ce86c52e4.tar.gz
linux-908d140a87a794bf89717ceae54aba5ce86c52e4.tar.bz2
linux-908d140a87a794bf89717ceae54aba5ce86c52e4.zip
ip6_tunnel: Allow rcv/xmit even if remote address is a local address
Currently, ip6_tnl_xmit_ctl drops tunneled packets if the remote address (outer v6 destination) is one of host's locally configured addresses. Same applies to ip6_tnl_rcv_ctl: it drops packets if the remote address (outer v6 source) is a local address. This prevents using ipxip6 (and ip6_gre) tunnels whose local/remote endpoints are on same host; OTOH v4 tunnels (ipip or gre) allow such configurations. An example where this proves useful is a system where entities are identified by their unique v6 addresses, and use tunnels to encapsulate traffic between them. The limitation prevents placing several entities on same host. Introduce IP6_TNL_F_ALLOW_LOCAL_REMOTE which allows to bypass this restriction. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel/bpf')
0 files changed, 0 insertions, 0 deletions