[PATCH] XFRM: Use output device disable_xfrm for forwarded packets

Currently the behaviour of disable_xfrm is inconsistent between locally generated and forwarded packets. For locally generated packets disable_xfrm disables the policy lookup if it is set on the output device, for forwarded traffic however it looks at the input device. This makes it impossible to disable xfrm on all devices but a dummy device and use normal routing to direct traffic to that device. Always use the output device when checking disable_xfrm. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org>
author: David Miller <davem@davemloft.net> 2006-12-04 20:01:31 -0800
committer: Chris Wright <chrisw@sous-sol.org> 2006-12-16 16:20:47 -0800
commit: 6e28fa8b0390dcbb883994f3c634c1f56fe4f93a (patch)
tree: 31e260b9c415d6247b57d2891b6b8777d6bbe92d
parent: b501bcbbb21d2222fa4f0a11d89dffa9fa508be3 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index b873cbcdd0b8..c7a806b826dd 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1775,7 +1775,7 @@ static inline int __mkroute_input(struct sk_buff *skb,
 #endif
 	if (in_dev->cnf.no_policy)
 		rth->u.dst.flags |= DST_NOPOLICY;
-	if (in_dev->cnf.no_xfrm)
+	if (out_dev->cnf.no_xfrm)
 		rth->u.dst.flags |= DST_NOXFRM;
 	rth->fl.fl4_dst	= daddr;
 	rth->rt_dst	= daddr;
author	David Miller <davem@davemloft.net>	2006-12-04 20:01:31 -0800
committer	Chris Wright <chrisw@sous-sol.org>	2006-12-16 16:20:47 -0800
commit	6e28fa8b0390dcbb883994f3c634c1f56fe4f93a (patch)
tree	31e260b9c415d6247b57d2891b6b8777d6bbe92d
parent	b501bcbbb21d2222fa4f0a11d89dffa9fa508be3 (diff)