diff options
| -rwxr-xr-x | pkg/tcpip/packet_buffer.go | 2 | ||||
| -rw-r--r-- | pkg/tcpip/stack/nic.go | 2 | ||||
| -rw-r--r-- | pkg/tcpip/stack/stack.go | 7 | ||||
| -rw-r--r-- | pkg/tcpip/tcpip.go | 3 |
4 files changed, 13 insertions, 1 deletions
diff --git a/pkg/tcpip/packet_buffer.go b/pkg/tcpip/packet_buffer.go index ab24372e7..f1dd8411d 100755 --- a/pkg/tcpip/packet_buffer.go +++ b/pkg/tcpip/packet_buffer.go @@ -55,6 +55,8 @@ type PacketBuffer struct { LinkHeader buffer.View NetworkHeader buffer.View TransportHeader buffer.View + + Mark uint32 } // Clone makes a copy of pk. It clones the Data field, which creates a new diff --git a/pkg/tcpip/stack/nic.go b/pkg/tcpip/stack/nic.go index 63c31aef4..2da17812e 100644 --- a/pkg/tcpip/stack/nic.go +++ b/pkg/tcpip/stack/nic.go @@ -1246,7 +1246,7 @@ func (n *NIC) DeliverNetworkPacket(linkEP LinkEndpoint, remote, local tcpip.Link } } - r, err := n.stack.FindRoute(0, "", dst, protocol, false /* multicastLoop */) + r, err := n.stack.FindRouteEx(0, "", dst, protocol, false /* multicastLoop */, pkt.Mark) if err != nil { n.stack.stats.IP.InvalidDestinationAddressesReceived.Increment() return diff --git a/pkg/tcpip/stack/stack.go b/pkg/tcpip/stack/stack.go index 6f423874a..5ffb7166f 100644 --- a/pkg/tcpip/stack/stack.go +++ b/pkg/tcpip/stack/stack.go @@ -1206,6 +1206,10 @@ func (s *Stack) getRefEP(nic *NIC, localAddr, remoteAddr tcpip.Address, netProto // FindRoute creates a route to the given destination address, leaving through // the given nic and local address (if provided). func (s *Stack) FindRoute(id tcpip.NICID, localAddr, remoteAddr tcpip.Address, netProto tcpip.NetworkProtocolNumber, multicastLoop bool) (Route, *tcpip.Error) { + return s.FindRouteEx(id, localAddr, remoteAddr, netProto, multicastLoop, 0) +} + +func (s *Stack) FindRouteEx(id tcpip.NICID, localAddr, remoteAddr tcpip.Address, netProto tcpip.NetworkProtocolNumber, multicastLoop bool, mark uint32) (Route, *tcpip.Error) { s.mu.RLock() defer s.mu.RUnlock() @@ -1223,6 +1227,9 @@ func (s *Stack) FindRoute(id tcpip.NICID, localAddr, remoteAddr tcpip.Address, n if (id != 0 && id != route.NIC) || (len(remoteAddr) != 0 && !route.Destination.Contains(remoteAddr)) { continue } + if (route.Markmask & mark) != route.Mark { + continue + } if nic, ok := s.nics[route.NIC]; ok && nic.enabled() { if ref := s.getRefEP(nic, localAddr, remoteAddr, netProto); ref != nil { if len(remoteAddr) == 0 { diff --git a/pkg/tcpip/tcpip.go b/pkg/tcpip/tcpip.go index 3dc5d87d6..0c82bb2b6 100644 --- a/pkg/tcpip/tcpip.go +++ b/pkg/tcpip/tcpip.go @@ -735,6 +735,9 @@ type Route struct { // NIC is the id of the nic to be used if this row is viable. NIC NICID + + Mark uint32 + Markmask uint32 } // String implements the fmt.Stringer interface. |