Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 92444123 authored by Taehee Yoo's avatar Taehee Yoo Committed by Subash Abhinov Kasiviswanathan
Browse files

netfilter: xt_TEE: fix wrong interface selection 



TEE netdevice notifier handler checks only interface name. however
each netns can have same interface name. hence other netns's interface
could be selected.

test commands:
   %ip netns add vm1
   %iptables -I INPUT -p icmp -j TEE --gateway 192.168.1.1 --oif enp2s0
   %ip link set enp2s0 netns vm1

Above rule is in the root netns. but that rule could get enp2s0
ifindex of vm1 by notifier handler.

After this patch, TEE rule is added to the per-netns list.

CRs-fixed: 2411945
Change-Id: I9076d5e28b30a110d0af816e6338b3af125273f4
Fixes: 9e2f6c5d ("netfilter: Rework xt_TEE netdevice notifier")
Signed-off-by: default avatarTaehee Yoo <ap420073@gmail.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Git-commit: f24d2d4f9586985509320f90308723d3d0c4e47f
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git


Signed-off-by: default avatarSubash Abhinov Kasiviswanathan <subashab@codeaurora.org>
parent d85f5151
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment