netfilter: xt_TEE: fix wrong interface selection - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Taehee Yoo <ap420073@gmail.com>	2018-10-06 18:09:18 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-10-11 12:29:14 +0300
commit	f24d2d4f9586985509320f90308723d3d0c4e47f (patch)
tree	68d348b457149c90c47d3bf3ed93c09f5d178abc /net/unix/af_unix.c
parent	4a3e71b7b7dbaf3562be9d508260935aa13cb48b (diff)
download	linux-f24d2d4f9586985509320f90308723d3d0c4e47f.tar.xz

netfilter: xt_TEE: fix wrong interface selection

TEE netdevice notifier handler checks only interface name. however each netns can have same interface name. hence other netns's interface could be selected. test commands: %ip netns add vm1 %iptables -I INPUT -p icmp -j TEE --gateway 192.168.1.1 --oif enp2s0 %ip link set enp2s0 netns vm1 Above rule is in the root netns. but that rule could get enp2s0 ifindex of vm1 by notifier handler. After this patch, TEE rule is added to the per-netns list. Fixes: 9e2f6c5d78db ("netfilter: Rework xt_TEE netdevice notifier") Signed-off-by: Taehee Yoo <ap420073@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/unix/af_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: