diff -urNp linux-2.6.26.2/Documentation/filesystems/proc.txt linux-2.6.26.2/Documentation/filesystems/proc.txt
--- linux-2.6.26.2/Documentation/filesystems/proc.txt	2008-08-06 18:19:01.000000000 +0200
+++ linux-2.6.26.2/Documentation/filesystems/proc.txt	2008-08-11 15:06:46.000000000 +0200
@@ -1996,6 +1996,15 @@ max_size
 Maximum size  of  the routing cache. Old entries will be purged once the cache
 reached has this size.
 
+mc_src_strict
+-------------
+
+There is a hack in the kernel router which provides compatibility for old
+multicast applications such as vic, vat and friends. Unfortunately, this
+hack also breaks normal behavior of preferred source address selection
+(iproute2 "src" field) with multicast and limited broadcast. Enabling this
+option disables this hack and restores normal (strict) behavior.
+
 redirect_load, redirect_number
 ------------------------------
 
diff -urNp linux-2.6.26.2/net/ipv4/route.c linux-2.6.26.2/net/ipv4/route.c
--- linux-2.6.26.2/net/ipv4/route.c	2008-08-06 18:19:01.000000000 +0200
+++ linux-2.6.26.2/net/ipv4/route.c	2008-08-11 15:09:22.000000000 +0200
@@ -131,6 +131,7 @@ static int ip_rt_mtu_expires __read_most
 static int ip_rt_min_pmtu __read_mostly		= 512 + 20 + 20;
 static int ip_rt_min_advmss __read_mostly	= 256;
 static int ip_rt_secret_interval __read_mostly	= 10 * 60 * HZ;
+static int ip_rt_mc_src_strict  __read_mostly	= 0;
 
 static void rt_worker_func(struct work_struct *work);
 static DECLARE_DELAYED_WORK(expires_work, rt_worker_func);
@@ -2326,7 +2327,8 @@ static int ip_route_output_slow(struct n
 		      of another iface. --ANK
 		 */
 
-		if (oldflp->oif == 0
+		if (!ip_rt_mc_src_strict
+		    && oldflp->oif == 0
 		    && (ipv4_is_multicast(oldflp->fl4_dst) ||
 			oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
 			/* Special hack: user can direct multicasts
@@ -2342,6 +2344,12 @@ static int ip_route_output_slow(struct n
 			   cannot know, that ttl is zero, so that packet
 			   will not leave this host and route is valid).
 			   Luckily, this hack is good workaround.
+
+			   Unfortunately, it also breaks normal behavior of
+			   source address preference, so I added a sysctl option
+			   to let the user disable this hack and restore normal
+			   behavior. By default, the hack is still enabled (old
+			   compatibility behavior). -- PY
 			 */
 
 			fl.oif = dev_out->ifindex;
@@ -3009,6 +3017,15 @@ ctl_table ipv4_route_table[] = {
 		.proc_handler	= &proc_dointvec_jiffies,
 		.strategy	= &sysctl_jiffies,
 	},
+	{
+		.ctl_name	= CTL_UNNUMBERED,
+		.procname	= "mc_src_strict",
+		.data		= &ip_rt_mc_src_strict,
+		.maxlen		= sizeof(int),
+		.mode		= 0644,
+		.proc_handler	= &ipv4_doint_and_flush,
+		.strategy	= &ipv4_doint_and_flush_strategy,
+	},
 	{ .ctl_name = 0 }
 };
 #endif