aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2008-10-08 05:35:10 -0400
committerPatrick McHardy <kaber@trash.net>2008-10-08 05:35:10 -0400
commitb8b8063e0d0835fb44c88d9fded2be31c9a1757e (patch)
treea0a7283b2aa8988bc36a99be1fccc4ce513ac548 /net
parent0e6e75af921d1f4799eeb9f83a31c86ab7cdeb8f (diff)
netfilter: netns nat: fix ipt_MASQUERADE in netns
First, allow entry in notifier hook. Second, start conntrack cleanup in netns to which netdevice belongs. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/ipt_MASQUERADE.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index 5e1c81791e5a..65c811b27b7b 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -119,9 +119,7 @@ static int masq_device_event(struct notifier_block *this,
119 void *ptr) 119 void *ptr)
120{ 120{
121 const struct net_device *dev = ptr; 121 const struct net_device *dev = ptr;
122 122 struct net *net = dev_net(dev);
123 if (!net_eq(dev_net(dev), &init_net))
124 return NOTIFY_DONE;
125 123
126 if (event == NETDEV_DOWN) { 124 if (event == NETDEV_DOWN) {
127 /* Device was downed. Search entire table for 125 /* Device was downed. Search entire table for
@@ -129,7 +127,7 @@ static int masq_device_event(struct notifier_block *this,
129 and forget them. */ 127 and forget them. */
130 NF_CT_ASSERT(dev->ifindex != 0); 128 NF_CT_ASSERT(dev->ifindex != 0);
131 129
132 nf_ct_iterate_cleanup(&init_net, device_cmp, 130 nf_ct_iterate_cleanup(net, device_cmp,
133 (void *)(long)dev->ifindex); 131 (void *)(long)dev->ifindex);
134 } 132 }
135 133