Alexey Kuznetsov wrote:
> Hello!
> 
> 
>>Alexey, do you remember what the original intent of this was?
> 
> 
> disable_policy was supposed to skip policy checks on input.
> It makes sense only on input device.
> 
> disable_xfrm was supposed to skip transformations on output.
> It makes sense only on output device.
> 
> If it does not work, it was done wrong. :-)
> 
> As I see it, root of the problem is that DST_NOXFRM flag
> is calculated using wrong device. out_dev should be used
> in __mkroute_input(). It looks as a cut-n-paste error, the code
> was taken from output path, where it is correct.

Thanks, thats exactly what I suspected :)

Here's the patch again properly signed off.