Revert "add prelocal table to manipulate locally destinated traffic"

Revert commit 3eea8576d48d9b20cc1c6b46f54c7345a39d13aa since it changes the
default behaviour of user ip rules in unexpected ways.

When an ip rule is added without an explicit priority then the kernel will
use the priority value of the 2nd rule, decreased by one.

On an ordinary system, the 2nd rule usually is "from all lookup main" with
priority 32766 which means that user rules are added beginning with priority
32765 in decreasing order.

Since the introduction of the prelocal rule at prio 0 and the subsequent
moving of "from all lookup local" to prio 1, the kernel will insert all user
rules with priority 0, between the prelocal and local lookup rules, leading
to broken routing in many common scenarios.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/system-linux.c b/system-linux.c
index 76380867f05813989533553bee9a87b40428509e..351a994dc70270aece9f015b254f76bb9234de09 100644 (file)
--- a/system-linux.c
+++ b/system-linux.c
@@ -44,10 +44,6 @@
 #define RTN_FAILED_POLICY 12
 #endif
 
-#ifndef RT_TABLE_PRELOCAL
-#define RT_TABLE_PRELOCAL 128
-#endif
-
 #ifndef IFA_F_NOPREFIXROUTE
 #define IFA_F_NOPREFIXROUTE 0x200
 #endif
@@ -1838,8 +1834,6 @@ bool system_resolve_rt_table(const char *name, unsigned int *id)
                table = RT_TABLE_MAIN;
        else if (!strcmp(name, "local"))
                table = RT_TABLE_LOCAL;
-       else if (!strcmp(name, "prelocal"))
-               table = RT_TABLE_PRELOCAL;
 
        /* try to look up name in /etc/iproute2/rt_tables */
        else if ((f = fopen("/etc/iproute2/rt_tables", "r")) != NULL)
@@ -1999,10 +1993,6 @@ int system_flush_iprules(void)
        rule.flags = IPRULE_INET4 | IPRULE_PRIORITY | IPRULE_LOOKUP;
 
        rule.priority = 0;
-       rule.lookup = RT_TABLE_PRELOCAL;
-       rv |= system_iprule(&rule, RTM_NEWRULE);
-
-       rule.priority = 1;
        rule.lookup = RT_TABLE_LOCAL;
        rv |= system_iprule(&rule, RTM_NEWRULE);
 
@@ -2018,10 +2008,6 @@ int system_flush_iprules(void)
        rule.flags = IPRULE_INET6 | IPRULE_PRIORITY | IPRULE_LOOKUP;
 
        rule.priority = 0;
-       rule.lookup = RT_TABLE_PRELOCAL;
-       rv |= system_iprule(&rule, RTM_NEWRULE);
-
-       rule.priority = 1;
        rule.lookup = RT_TABLE_LOCAL;
        rv |= system_iprule(&rule, RTM_NEWRULE);