All of lore.kernel.org
 help / color / mirror / Atom feed
From: Patrick McHardy <kaber@trash.net>
To: Simon Arlott <simon@arlott.org>
Cc: netdev <netdev@vger.kernel.org>,
	kadlec@blackhole.kfki.hu, netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] netfilter: Remove warn_if_extra_mangle
Date: Tue, 04 Nov 2008 14:36:39 +0100	[thread overview]
Message-ID: <49104FE7.7070509@trash.net> (raw)
In-Reply-To: <490F727C.6020705@simon.arlott.org.uk>

Simon Arlott wrote:
> In net/ipv4/netfilter/nf_nat_rule.c, the function warn_if_extra_mangle was added 
> in commit 5b1158e909ecbe1a052203e0d8df15633f829930 (2006-12-02). I have a DNAT 
> target in the OUTPUT chain than changes connections with dst 2.0.0.1 to another 
> address which I'll substitute with 66.102.9.99 below.
> 
> On every boot I get the following message:
> [  146.252505] NAT: no longer support implicit source local NAT
> [  146.252517] NAT: packet src 66.102.9.99 -> dst 2.0.0.1
> 
> As far as I can tell from reading the function doing this, it should warn if the 
> source IP for the route to 66.102.9.99 is different from 2.0.0.1 but that is not 
> the case. It doesn't make sense to check the DNAT target against the local route 
> source.
> 
> Either the function should be changed to correctly check the route, or it should 
> be removed entirely as it's been nearly 2 years since it was added.

Removing it sounds fine to me. Applied, thanks.

      reply	other threads:[~2008-11-04 13:36 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-11-03 21:51 [PATCH] netfilter: Remove warn_if_extra_mangle Simon Arlott
2008-11-04 13:36 ` Patrick McHardy [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=49104FE7.7070509@trash.net \
    --to=kaber@trash.net \
    --cc=kadlec@blackhole.kfki.hu \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=simon@arlott.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.