From: Ben Greear <greearb@candelatech.com>
To: netdev@vger.kernel.org
Cc: Ben Greear <greearb@candelatech.com>
Subject: [net 1/2] net: dev_forward_skb should call nf_reset
Date: Thu, 22 Jul 2010 12:54:47 -0700 [thread overview]
Message-ID: <1279828488-17800-2-git-send-email-greearb@candelatech.com> (raw)
In-Reply-To: <1279828488-17800-1-git-send-email-greearb@candelatech.com>
With conn-track zones and probably with different network
namespaces, the netfilter logic needs to be re-calculated
on packet receive. If the netfilter logic is not reset,
it will not be recalculated properly. This patch adds
the nf_reset logic to dev_forward_skb.
Signed-off-by: Ben Greear <greearb@candelatech.com>
---
:100644 100644 7ac33e5... 22eee4e... M net/core/dev.c
net/core/dev.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/net/core/dev.c b/net/core/dev.c
index 7ac33e5..22eee4e 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -1482,6 +1482,7 @@ static inline void net_timestamp(struct sk_buff *skb)
int dev_forward_skb(struct net_device *dev, struct sk_buff *skb)
{
skb_orphan(skb);
+ nf_reset(skb);
if (!(dev->flags & IFF_UP) ||
(skb->len > (dev->mtu + dev->hard_header_len))) {
--
1.6.2.5
next prev parent reply other threads:[~2010-07-22 19:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-07-22 19:54 [net 0/2] Clean up netfilter cache on xmit-to-self Ben Greear
2010-07-22 19:54 ` Ben Greear [this message]
2010-07-22 19:54 ` [net 2/2] veth: Remove redundant timestamp assignment Ben Greear
2010-07-26 4:59 ` [net 0/2] Clean up netfilter cache on xmit-to-self David Miller
2010-07-26 5:01 ` David Miller
2010-08-05 18:43 ` Ben Greear
2010-08-05 18:58 ` David Miller
2010-08-05 19:29 ` Ben Greear
-- strict thread matches above, loose matches on Subject: below --
2010-07-22 19:09 Ben Greear
2010-07-22 19:09 ` [net 1/2] net: dev_forward_skb should call nf_reset Ben Greear
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1279828488-17800-2-git-send-email-greearb@candelatech.com \
--to=greearb@candelatech.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.