aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net/ipv4/netfilter/iptable_mangle.c10
-rw-r--r--net/ipv6/netfilter/ip6table_mangle.c10
2 files changed, 6 insertions, 14 deletions
diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c
index c8333305d63..b9b83464cbf 100644
--- a/net/ipv4/netfilter/iptable_mangle.c
+++ b/net/ipv4/netfilter/iptable_mangle.c
@@ -36,11 +36,7 @@ static const struct xt_table packet_mangler = {
36}; 36};
37 37
38static unsigned int 38static unsigned int
39ipt_local_hook(unsigned int hook, 39ipt_mangle_out(struct sk_buff *skb, const struct net_device *out)
40 struct sk_buff *skb,
41 const struct net_device *in,
42 const struct net_device *out,
43 int (*okfn)(struct sk_buff *))
44{ 40{
45 unsigned int ret; 41 unsigned int ret;
46 const struct iphdr *iph; 42 const struct iphdr *iph;
@@ -60,7 +56,7 @@ ipt_local_hook(unsigned int hook,
60 daddr = iph->daddr; 56 daddr = iph->daddr;
61 tos = iph->tos; 57 tos = iph->tos;
62 58
63 ret = ipt_do_table(skb, hook, in, out, 59 ret = ipt_do_table(skb, NF_INET_LOCAL_OUT, NULL, out,
64 dev_net(out)->ipv4.iptable_mangle); 60 dev_net(out)->ipv4.iptable_mangle);
65 /* Reroute for ANY change. */ 61 /* Reroute for ANY change. */
66 if (ret != NF_DROP && ret != NF_STOLEN && ret != NF_QUEUE) { 62 if (ret != NF_DROP && ret != NF_STOLEN && ret != NF_QUEUE) {
@@ -86,7 +82,7 @@ iptable_mangle_hook(unsigned int hook,
86 int (*okfn)(struct sk_buff *)) 82 int (*okfn)(struct sk_buff *))
87{ 83{
88 if (hook == NF_INET_LOCAL_OUT) 84 if (hook == NF_INET_LOCAL_OUT)
89 return ipt_local_hook(hook, skb, in, out, okfn); 85 return ipt_mangle_out(skb, out);
90 if (hook == NF_INET_POST_ROUTING) 86 if (hook == NF_INET_POST_ROUTING)
91 return ipt_do_table(skb, hook, in, out, 87 return ipt_do_table(skb, hook, in, out,
92 dev_net(out)->ipv4.iptable_mangle); 88 dev_net(out)->ipv4.iptable_mangle);
diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c
index b6216dede52..7844e557c0e 100644
--- a/net/ipv6/netfilter/ip6table_mangle.c
+++ b/net/ipv6/netfilter/ip6table_mangle.c
@@ -30,12 +30,8 @@ static const struct xt_table packet_mangler = {
30}; 30};
31 31
32static unsigned int 32static unsigned int
33ip6t_local_out_hook(unsigned int hook, 33ip6t_mangle_out(struct sk_buff *skb, const struct net_device *out)
34 struct sk_buff *skb,
35 const struct net_device *out,
36 int (*okfn)(struct sk_buff *))
37{ 34{
38
39 unsigned int ret; 35 unsigned int ret;
40 struct in6_addr saddr, daddr; 36 struct in6_addr saddr, daddr;
41 u_int8_t hop_limit; 37 u_int8_t hop_limit;
@@ -60,7 +56,7 @@ ip6t_local_out_hook(unsigned int hook,
60 /* flowlabel and prio (includes version, which shouldn't change either */ 56 /* flowlabel and prio (includes version, which shouldn't change either */
61 flowlabel = *((u_int32_t *)ipv6_hdr(skb)); 57 flowlabel = *((u_int32_t *)ipv6_hdr(skb));
62 58
63 ret = ip6t_do_table(skb, hook, NULL, out, 59 ret = ip6t_do_table(skb, NF_INET_LOCAL_OUT, NULL, out,
64 dev_net(out)->ipv6.ip6table_mangle); 60 dev_net(out)->ipv6.ip6table_mangle);
65 61
66 if (ret != NF_DROP && ret != NF_STOLEN && 62 if (ret != NF_DROP && ret != NF_STOLEN &&
@@ -80,7 +76,7 @@ ip6table_mangle_hook(unsigned int hook, struct sk_buff *skb,
80 int (*okfn)(struct sk_buff *)) 76 int (*okfn)(struct sk_buff *))
81{ 77{
82 if (hook == NF_INET_LOCAL_OUT) 78 if (hook == NF_INET_LOCAL_OUT)
83 return ip6t_local_out_hook(hook, skb, out, okfn); 79 return ip6t_mangle_out(skb, out);
84 if (hook == NF_INET_POST_ROUTING) 80 if (hook == NF_INET_POST_ROUTING)
85 return ip6t_do_table(skb, hook, in, out, 81 return ip6t_do_table(skb, hook, in, out,
86 dev_net(out)->ipv6.ip6table_mangle); 82 dev_net(out)->ipv6.ip6table_mangle);
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-19 04:31:40 -0400