Le 10/09/2012 16:35, Vlad Yasevich a écrit :
On 09/10/2012 09:22 AM, Nicolas Dichtel wrote:The goal of these patches is to fix the following problem: a session is established (TCP, SCTP) and after a new policy is inserted. The current code does not recalculate the route, thus the traffic is not encrypted. The patch propose to check flow_cache_genid value when checking a dst entry, which is incremented each time a policy is inserted or deleted. v2: use net->ipv4.rt_genid instead of flow_cache_genid (and thus save a test in fast path). Also move it to net->rt_genid, to be able to use it for IPv6 too. Note that IPv6 will have one more test in fast path. Patches are tested with TCP and SCTP, IPv4 and IPv6. Comments are welcome. Regards, NicolasI am not sure this is right... This has a side-effect that when an rt_cache_flush() is called, it invalidates IPv6 routes a well.... Its all fine and good do this when a new policy is added, but not when IPv4 routing table changes.
I already ask for this side effect, Eric answers me: http://marc.info/?l=linux-netdev&m=134728265000776&w=2 -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
