908d140a87
Currently, ip6_tnl_xmit_ctl drops tunneled packets if the remote address (outer v6 destination) is one of host's locally configured addresses. Same applies to ip6_tnl_rcv_ctl: it drops packets if the remote address (outer v6 source) is a local address. This prevents using ipxip6 (and ip6_gre) tunnels whose local/remote endpoints are on same host; OTOH v4 tunnels (ipip or gre) allow such configurations. An example where this proves useful is a system where entities are identified by their unique v6 addresses, and use tunnels to encapsulate traffic between them. The limitation prevents placing several entities on same host. Introduce IP6_TNL_F_ALLOW_LOCAL_REMOTE which allows to bypass this restriction. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
55 lines
1.8 KiB
C
55 lines
1.8 KiB
C
#ifndef _IP6_TUNNEL_H
|
|
#define _IP6_TUNNEL_H
|
|
|
|
#include <linux/types.h>
|
|
#include <linux/if.h> /* For IFNAMSIZ. */
|
|
#include <linux/in6.h> /* For struct in6_addr. */
|
|
|
|
#define IPV6_TLV_TNL_ENCAP_LIMIT 4
|
|
#define IPV6_DEFAULT_TNL_ENCAP_LIMIT 4
|
|
|
|
/* don't add encapsulation limit if one isn't present in inner packet */
|
|
#define IP6_TNL_F_IGN_ENCAP_LIMIT 0x1
|
|
/* copy the traffic class field from the inner packet */
|
|
#define IP6_TNL_F_USE_ORIG_TCLASS 0x2
|
|
/* copy the flowlabel from the inner packet */
|
|
#define IP6_TNL_F_USE_ORIG_FLOWLABEL 0x4
|
|
/* being used for Mobile IPv6 */
|
|
#define IP6_TNL_F_MIP6_DEV 0x8
|
|
/* copy DSCP from the outer packet */
|
|
#define IP6_TNL_F_RCV_DSCP_COPY 0x10
|
|
/* copy fwmark from inner packet */
|
|
#define IP6_TNL_F_USE_ORIG_FWMARK 0x20
|
|
/* allow remote endpoint on the local node */
|
|
#define IP6_TNL_F_ALLOW_LOCAL_REMOTE 0x40
|
|
|
|
struct ip6_tnl_parm {
|
|
char name[IFNAMSIZ]; /* name of tunnel device */
|
|
int link; /* ifindex of underlying L2 interface */
|
|
__u8 proto; /* tunnel protocol */
|
|
__u8 encap_limit; /* encapsulation limit for tunnel */
|
|
__u8 hop_limit; /* hop limit for tunnel */
|
|
__be32 flowinfo; /* traffic class and flowlabel for tunnel */
|
|
__u32 flags; /* tunnel flags */
|
|
struct in6_addr laddr; /* local tunnel end-point address */
|
|
struct in6_addr raddr; /* remote tunnel end-point address */
|
|
};
|
|
|
|
struct ip6_tnl_parm2 {
|
|
char name[IFNAMSIZ]; /* name of tunnel device */
|
|
int link; /* ifindex of underlying L2 interface */
|
|
__u8 proto; /* tunnel protocol */
|
|
__u8 encap_limit; /* encapsulation limit for tunnel */
|
|
__u8 hop_limit; /* hop limit for tunnel */
|
|
__be32 flowinfo; /* traffic class and flowlabel for tunnel */
|
|
__u32 flags; /* tunnel flags */
|
|
struct in6_addr laddr; /* local tunnel end-point address */
|
|
struct in6_addr raddr; /* remote tunnel end-point address */
|
|
|
|
__be16 i_flags;
|
|
__be16 o_flags;
|
|
__be32 i_key;
|
|
__be32 o_key;
|
|
};
|
|
|
|
#endif
|