lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 Feb 2018 21:44:40 -0800 From: Roopa Prabhu <roopa@...ulusnetworks.com> To: davem@...emloft.net, netdev@...r.kernel.org Cc: dsa@...ulusnetworks.com, nikolay@...ulusnetworks.com, idosch@...lanox.com Subject: [PATCH net-next 3/5] ipv6: fib6_rules: support for match on sport, dport and ip proto From: Roopa Prabhu <roopa@...ulusnetworks.com> support to match on src port, dst port and ip protocol. Signed-off-by: Roopa Prabhu <roopa@...ulusnetworks.com> --- net/ipv6/fib6_rules.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c index 95a2c9e..678d664 100644 --- a/net/ipv6/fib6_rules.c +++ b/net/ipv6/fib6_rules.c @@ -223,6 +223,15 @@ static int fib6_rule_match(struct fib_rule *rule, struct flowi *fl, int flags) if (r->tclass && r->tclass != ip6_tclass(fl6->flowlabel)) return 0; + if (rule->ip_proto && (rule->ip_proto != fl6->flowi4_proto)) + return 0; + + if (!fib_rule_port_inrange(&rule->sport_range, fl6->fl4_sport)) + return 0; + + if (!fib_rule_port_inrange(&rule->dport_range, fl6->fl4_dport)) + return 0; + return 1; } -- 2.1.4
Powered by blists - more mailing lists