Revert "ipv4/icmp: redirect messages can use the ingress daddr as source"
Revert the commit e2ca690b657f ("ipv4/icmp: redirect messages
can use the ingress daddr as source"), which tried to introduce a more
suitable behaviour for ICMP redirect messages generated by VRRP routers.
However RFC 5798 section 8.1.1 states:
The IPv4 source address of an ICMP redirect should be the address
that the end-host used when making its next-hop routing decision.
while said commit used the generating packet destination
address, which do not match the above and in most cases leads to
no redirect packets to be generated.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index f3c356b..36e2697 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -659,9 +659,7 @@
*/
saddr = iph->daddr;
- if (!((type == ICMP_REDIRECT) &&
- net->ipv4.sysctl_icmp_redirects_use_orig_daddr) &&
- !(rt->rt_flags & RTCF_LOCAL)) {
+ if (!(rt->rt_flags & RTCF_LOCAL)) {
struct net_device *dev = NULL;
rcu_read_lock();
@@ -1224,11 +1222,6 @@
net->ipv4.sysctl_icmp_ratemask = 0x1818;
net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr = 0;
- /* Control paramerer - use the daddr of originating packets as saddr
- * in redirect messages?
- */
- net->ipv4.sysctl_icmp_redirects_use_orig_daddr = 0;
-
return 0;
fail: