diff options
author | Patrick McHardy <kaber@trash.net> | 2006-02-04 05:19:46 -0500 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-02-05 02:51:29 -0500 |
commit | 7918d212df31fb7ddfb317c5a8dccdcec647d754 (patch) | |
tree | f3742fc5901dc7a367d6b6d6d47b09782c01eb43 | |
parent | 0047c65a60fa3b6607b55e058ea6a89f39cb3f28 (diff) |
[NETFILTER]: Fix check whether dst_entry needs to be released after NAT
After DNAT the original dst_entry needs to be released if present
so the packet doesn't skip input routing with its new address. The
current check for DNAT in ip_nat_in is reversed and checks for SNAT.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/ipv4/netfilter/ip_nat_standalone.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c index ad438fb185b8..92c54999a19d 100644 --- a/net/ipv4/netfilter/ip_nat_standalone.c +++ b/net/ipv4/netfilter/ip_nat_standalone.c | |||
@@ -209,8 +209,8 @@ ip_nat_in(unsigned int hooknum, | |||
209 | && (ct = ip_conntrack_get(*pskb, &ctinfo)) != NULL) { | 209 | && (ct = ip_conntrack_get(*pskb, &ctinfo)) != NULL) { |
210 | enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); | 210 | enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); |
211 | 211 | ||
212 | if (ct->tuplehash[dir].tuple.src.ip != | 212 | if (ct->tuplehash[dir].tuple.dst.ip != |
213 | ct->tuplehash[!dir].tuple.dst.ip) { | 213 | ct->tuplehash[!dir].tuple.src.ip) { |
214 | dst_release((*pskb)->dst); | 214 | dst_release((*pskb)->dst); |
215 | (*pskb)->dst = NULL; | 215 | (*pskb)->dst = NULL; |
216 | } | 216 | } |