diff options
author | Ben Greear <greearb@candelatech.com> | 2010-07-22 09:54:47 +0000 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2010-07-25 21:58:46 -0700 |
commit | c736eefadb71a01a5e61e0de700f28f6952b4444 (patch) | |
tree | d6a7cb06755e24bb5a1a44b68802577c1ca303d8 /net/core | |
parent | 3b87956ea645fb4de7e59c7d0aa94de04be72615 (diff) |
net: dev_forward_skb should call nf_reset
With conn-track zones and probably with different network
namespaces, the netfilter logic needs to be re-calculated
on packet receive. If the netfilter logic is not reset,
it will not be recalculated properly. This patch adds
the nf_reset logic to dev_forward_skb.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/core')
-rw-r--r-- | net/core/dev.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/core/dev.c b/net/core/dev.c index 0ea10f849be..1f466e82ac3 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1488,6 +1488,7 @@ static inline void net_timestamp_check(struct sk_buff *skb) int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) { skb_orphan(skb); + nf_reset(skb); if (!(dev->flags & IFF_UP) || (skb->len > (dev->mtu + dev->hard_header_len))) { |