[IPV4]: Sysctl configurable icmp error source address.
authorJ. Simonetti <jeroen@simonetti.nl>
Mon, 13 Jun 2005 22:19:03 +0000 (15:19 -0700)
committerDavid S. Miller <davem@davemloft.net>
Mon, 13 Jun 2005 22:19:03 +0000 (15:19 -0700)
This patch alows you to change the source address of icmp error
messages. It applies cleanly to 2.6.11.11 and retains the default
behaviour.

In the old (default) behaviour icmp error messages are sent with the ip
of the exiting interface.

The new behaviour (when the sysctl variable is toggled on), it will send
the message with the ip of the interface that received the packet that
caused the icmp error. This is the behaviour network administrators will
expect from a router. It makes debugging complicated network layouts
much easier. Also, all 'vendor routers' I know of have the later
behaviour.

Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/sysctl.h
net/ipv4/icmp.c
net/ipv4/sysctl_net_ipv4.c

index 23032d9d607154fd48e41422f346c3ddcb8e72e6..a17745c80a91a6ce19fdeeb007aa1f529ce440df 100644 (file)
@@ -346,6 +346,7 @@ enum
        NET_TCP_MODERATE_RCVBUF=106,
        NET_TCP_TSO_WIN_DIVISOR=107,
        NET_TCP_BIC_BETA=108,
+       NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR=109,
 };
 
 enum {
index 85bf0d3e294b2c6d5da9fe721904ff07f2c47567..cb759484979d94d46d946a66cca3ef4bf87d84a1 100644 (file)
@@ -207,6 +207,7 @@ int sysctl_icmp_ignore_bogus_error_responses;
 
 int sysctl_icmp_ratelimit = 1 * HZ;
 int sysctl_icmp_ratemask = 0x1818;
+int sysctl_icmp_errors_use_inbound_ifaddr;
 
 /*
  *     ICMP control array. This specifies what to do with each ICMP.
@@ -511,8 +512,12 @@ void icmp_send(struct sk_buff *skb_in, int type, int code, u32 info)
         */
 
        saddr = iph->daddr;
-       if (!(rt->rt_flags & RTCF_LOCAL))
-               saddr = 0;
+       if (!(rt->rt_flags & RTCF_LOCAL)) {
+               if (sysctl_icmp_errors_use_inbound_ifaddr)
+                       saddr = inet_select_addr(skb_in->dev, 0, RT_SCOPE_LINK);
+               else
+                       saddr = 0;
+       }
 
        tos = icmp_pointers[type].error ? ((iph->tos & IPTOS_TOS_MASK) |
                                           IPTOS_PREC_INTERNETCONTROL) :
index 3aafb298c1c19691e26a2a599f53b8e7de4214f3..23068bddbf0bb6837edc01ff2f2f8cd34a12c357 100644 (file)
@@ -23,6 +23,7 @@ extern int sysctl_ip_nonlocal_bind;
 extern int sysctl_icmp_echo_ignore_all;
 extern int sysctl_icmp_echo_ignore_broadcasts;
 extern int sysctl_icmp_ignore_bogus_error_responses;
+extern int sysctl_icmp_errors_use_inbound_ifaddr;
 
 /* From ip_fragment.c */
 extern int sysctl_ipfrag_low_thresh;
@@ -395,6 +396,14 @@ ctl_table ipv4_table[] = {
                .mode           = 0644,
                .proc_handler   = &proc_dointvec
        },
+       {
+               .ctl_name       = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
+               .procname       = "icmp_errors_use_inbound_ifaddr",
+               .data           = &sysctl_icmp_errors_use_inbound_ifaddr,
+               .maxlen         = sizeof(int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec
+       },
        {
                .ctl_name       = NET_IPV4_ROUTE,
                .procname       = "route",