* [NETFILTER 2/4]: Don't exclude local packets from MASQUERADING
@ 2005-08-14 22:43 Patrick McHardy
0 siblings, 0 replies; only message in thread
From: Patrick McHardy @ 2005-08-14 22:43 UTC (permalink / raw)
To: David S. Miller; +Cc: Netfilter Development Mailinglist
[-- Attachment #1: 02.diff --]
[-- Type: text/x-patch, Size: 1155 bytes --]
[NETFILTER]: Don't exclude local packets from MASQUERADING
Increases consistency in source-address selection.
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 17bfdaf02646cc6fafa9fa661e4c6e8775a9af3a
tree 6818c5239c4c5a2deefdb328525e2e9c2bdfdd72
parent 5f234544ded29913154a728719cfcf3cbceb9667
author Patrick McHardy <kaber@trash.net> Mon, 15 Aug 2005 00:32:08 +0200
committer Patrick McHardy <kaber@trash.net> Mon, 15 Aug 2005 00:32:08 +0200
net/ipv4/netfilter/ipt_MASQUERADE.c | 5 -----
1 files changed, 0 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -86,11 +86,6 @@ masquerade_target(struct sk_buff **pskb,
IP_NF_ASSERT(hooknum == NF_IP_POST_ROUTING);
- /* FIXME: For the moment, don't do local packets, breaks
- testsuite for 2.3.49 --RR */
- if ((*pskb)->sk)
- return NF_ACCEPT;
-
ct = ip_conntrack_get(*pskb, &ctinfo);
IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED
|| ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-08-14 22:43 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-08-14 22:43 [NETFILTER 2/4]: Don't exclude local packets from MASQUERADING Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.