[Bug 1761] nft_fib checks only the main route table when iif is a slave of a master vrf interface

Thu Oct 24 20:48:46 CEST 2024

https://bugzilla.netfilter.org/show_bug.cgi?id=1761

--- Comment #3 from tsv1991 at gmail.com ---
This patch works as it should, but I'm not sure it won't break anything

--- /root/nft_fib_ipv4.c        2024-10-23 19:01:14.668000000 +0000
+++ net/ipv4/netfilter/nft_fib_ipv4.c   2024-10-24 18:29:48.344000000 +0000
@@ -64,7 +64,7 @@
        struct fib_result res;
        struct flowi4 fl4 = {
                .flowi4_scope = RT_SCOPE_UNIVERSE,
-               .flowi4_iif = LOOPBACK_IFINDEX,
+               .flowi4_iif = nft_in(pkt)->ifindex,
                .flowi4_uid = sock_net_uid(nft_net(pkt), NULL),
        };
        const struct net_device *oif;

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20241024/4be48ad2/attachment.html>
