[PATCH 1/1] netfilter : fix hooks for SNAT and DNAT targets

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/1] netfilter : fix hooks for SNAT and DNAT targets
@ 2012-10-15 10:44 Elison Niven
  2012-10-15 21:14 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Elison Niven @ 2012-10-15 10:44 UTC (permalink / raw)
  To: Patrick McHardy, netfilter-devel; +Cc: sanket.shah, Elison Niven

Correct hooks for SNAT and DNAT targets in xt_nat.c :
SNAT hooks should be POST_ROUTING and LOCAL_IN.
DNAT hooks should be PRE_ROUTING and LOCAL_OUT.

Signed-off-by: Elison Niven <elison.niven@cyberoam.com>
Signed-off-by: Sanket Shah <sanket.shah@cyberoam.com>
---
 net/netfilter/xt_nat.c |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/netfilter/xt_nat.c b/net/netfilter/xt_nat.c
index 81aafa8..bea7464 100644
--- a/net/netfilter/xt_nat.c
+++ b/net/netfilter/xt_nat.c
@@ -111,7 +111,7 @@ static struct xt_target xt_nat_target_reg[] __read_mostly = {
 		.family		= NFPROTO_IPV4,
 		.table		= "nat",
 		.hooks		= (1 << NF_INET_POST_ROUTING) |
-				  (1 << NF_INET_LOCAL_OUT),
+				  (1 << NF_INET_LOCAL_IN),
 		.me		= THIS_MODULE,
 	},
 	{
@@ -123,7 +123,7 @@ static struct xt_target xt_nat_target_reg[] __read_mostly = {
 		.family		= NFPROTO_IPV4,
 		.table		= "nat",
 		.hooks		= (1 << NF_INET_PRE_ROUTING) |
-				  (1 << NF_INET_LOCAL_IN),
+				  (1 << NF_INET_LOCAL_OUT),
 		.me		= THIS_MODULE,
 	},
 	{
@@ -133,7 +133,7 @@ static struct xt_target xt_nat_target_reg[] __read_mostly = {
 		.targetsize	= sizeof(struct nf_nat_range),
 		.table		= "nat",
 		.hooks		= (1 << NF_INET_POST_ROUTING) |
-				  (1 << NF_INET_LOCAL_OUT),
+				  (1 << NF_INET_LOCAL_IN),
 		.me		= THIS_MODULE,
 	},
 	{
@@ -143,7 +143,7 @@ static struct xt_target xt_nat_target_reg[] __read_mostly = {
 		.targetsize	= sizeof(struct nf_nat_range),
 		.table		= "nat",
 		.hooks		= (1 << NF_INET_PRE_ROUTING) |
-				  (1 << NF_INET_LOCAL_IN),
+				  (1 << NF_INET_LOCAL_OUT),
 		.me		= THIS_MODULE,
 	},
 };
-- 
1.7.7


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH 1/1] netfilter : fix hooks for SNAT and DNAT targets
  2012-10-15 10:44 [PATCH 1/1] netfilter : fix hooks for SNAT and DNAT targets Elison Niven
@ 2012-10-15 21:14 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2012-10-15 21:14 UTC (permalink / raw)
  To: Elison Niven; +Cc: Patrick McHardy, netfilter-devel, sanket.shah

On Mon, Oct 15, 2012 at 04:14:48PM +0530, Elison Niven wrote:
> Correct hooks for SNAT and DNAT targets in xt_nat.c :
> SNAT hooks should be POST_ROUTING and LOCAL_IN.
> DNAT hooks should be PRE_ROUTING and LOCAL_OUT.

Good catch. Applied, thanks.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2012-10-15 21:14 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-15 10:44 [PATCH 1/1] netfilter : fix hooks for SNAT and DNAT targets Elison Niven
2012-10-15 21:14 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).