From: Patrick McHardy <kaber@trash.net>
To: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Jan Engelhardt <jengelh@medozas.de>, netfilter-devel@vger.kernel.org
Subject: Re: [PATCH] netfilter: fix mangle tables back
Date: Thu, 11 Feb 2010 18:24:48 +0100 [thread overview]
Message-ID: <4B743D60.1070407@trash.net> (raw)
In-Reply-To: <20100211171553.GB4099@x200>
Alexey Dobriyan wrote:
> On Thu, Feb 11, 2010 at 05:34:30PM +0100, Patrick McHardy wrote:
>> Jan Engelhardt wrote:
>>> On Thursday 2010-02-11 17:12, Alexey Dobriyan wrote:
>>>
>>>> Calling POST_ROUTING hook with NULL input device is not going to work.
>>>>
>>>> --- a/net/ipv4/netfilter/iptable_mangle.c
>>>> +++ b/net/ipv4/netfilter/iptable_mangle.c
>>>> @@ -85,7 +85,7 @@ iptable_mangle_hook(unsigned int hook,
>>>> const struct net_device *out,
>>>> int (*okfn)(struct sk_buff *))
>>>> {
>>>> - if (hook == NF_INET_LOCAL_OUT)
>>>> + if (hook == NF_INET_LOCAL_OUT || hook == NF_INET_POST_ROUTING)
>>>> return ipt_local_hook(hook, skb, in, out, okfn);
>>>>
>>>> /* PREROUTING/INPUT/FORWARD: */
>>> postrouting did not call ipt_local_hook before, so why now?
>> What Alexey meant is that
>>
>> /* PREROUTING/INPUT/FORWARD: */
>> return ipt_do_table(skb, hook, in, out,
>> dev_net(in)->ipv4.iptable_mangle);
>>
>> dev_net(in) for a NULL device won't work. Passing them to the local
>> hook won't work either however since we perform rerouting there.
>> I'm confused now why this didn't crash here so far ...
>
> It did crashed, that's why I noticed it.
> But now I can't reproduce it too. Hopefully this patch is correct.
It looks correct to me. Will try to reproduce the crash
just to make sure.
next prev parent reply other threads:[~2010-02-11 17:24 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-11 16:12 [PATCH] netfilter: fix mangle tables back Alexey Dobriyan
2010-02-11 16:25 ` Jan Engelhardt
2010-02-11 16:34 ` Patrick McHardy
2010-02-11 17:07 ` Jan Engelhardt
2010-02-11 17:13 ` Patrick McHardy
2010-02-11 17:15 ` Alexey Dobriyan
2010-02-11 17:24 ` Patrick McHardy [this message]
2010-02-11 17:27 ` Alexey Dobriyan
2010-02-11 17:42 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B743D60.1070407@trash.net \
--to=kaber@trash.net \
--cc=adobriyan@gmail.com \
--cc=jengelh@medozas.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).