On Tue, Feb 01, 2005 at 11:42:10PM +0100, Henrik Nordstrom after a spiritual call wrote:
~> >Hi there,
~> >How is it possible to use a range of IPs in the destination of a route?
~> Not today. routes needs to be on a network level. Any range can be split
~> into a set of networks.
Yea, but it is simple problem.
I think it can be solved in this way:
struct rtable
{
...
__u32 rt_dst; /* Path destination */
+ __u32 rt_dst_offset; /* Destination's range, it goes from rt_dst to
rt_dst + rt_dst_offset. If rt_dst_offset is
0, there is no range.
*/
...
}
struct flowi {
int oif;
int iif;
union {
struct {
__u32 daddr;
+ __u32 doffset;
...
#define fld_dst nl_u.dn_u.daddr
+#define fld_offset nl_u.dn_u.doffset
then in ipv4/route.c:
int __ip_route_output_key(...) {
...
- if (rth->fl.fl4_dst == flp->fl4_dst &&
+ if ((rth->fl.fl4_dst >= flp->fl4_dst &&
+ (rth->fl.fl4_dst <= (flp->fl4_dst + rth->fl.fl4_offset))) &&
...
}
That's just an example. The problem is that a lot of other parts need to be
changed, like the rtnetlink and when the kernel changes it's a real mess.
Would someone care about this?
I don't have the time to hack the net/ code, so I choose the dirty hack with
netfilter.
I can use the NF_IP_LOCAL_OUT hook to wrap the outgoing pkts and see if their
dst is in the range. But I can't, because the NF_IP_LOCAL_OUT hook in
ip_queue_xmit() is in the "packet_routed:" case. So the route is checked before
the NF_IP_LOCAL_OUT hook.
I can do a module to wrap the ip_queue_xmit. If it returns -EHOSTUNREACH I check
if the dst is in the range. If it is I create a temp route for the specific ip
and I call again ip_queue_xmit.
But this is the worst hack I can think.
So, what to do?
Any suggestions?
Best Regards
--
:wq!
"I don't know nothing" The One Who reached the Thinking Matter '.'
[ Alpt --- Freaknet Medialab ]
[ GPG Key ID 441CF0EE ]
[ Key fingerprint = 8B02 26E8 831A 7BB9 81A9 5277 BFF8 037E 441C F0EE ]
Attachment:
pgpVQjriaLJH5.pgp
Description: PGP signature
