diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/ip_output.c | 2 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_standalone.c | 7 |
2 files changed, 2 insertions, 7 deletions
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c index 30ab7b6ab761..38f69532a029 100644 --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c | |||
| @@ -195,6 +195,8 @@ static inline int ip_finish_output2(struct sk_buff *skb) | |||
| 195 | nf_debug_ip_finish_output2(skb); | 195 | nf_debug_ip_finish_output2(skb); |
| 196 | #endif /*CONFIG_NETFILTER_DEBUG*/ | 196 | #endif /*CONFIG_NETFILTER_DEBUG*/ |
| 197 | 197 | ||
| 198 | nf_reset(skb); | ||
| 199 | |||
| 198 | if (hh) { | 200 | if (hh) { |
| 199 | int hh_alen; | 201 | int hh_alen; |
| 200 | 202 | ||
diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index 0c29ccf62a89..46ca45f74d85 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c | |||
| @@ -431,13 +431,6 @@ static unsigned int ip_conntrack_defrag(unsigned int hooknum, | |||
| 431 | const struct net_device *out, | 431 | const struct net_device *out, |
| 432 | int (*okfn)(struct sk_buff *)) | 432 | int (*okfn)(struct sk_buff *)) |
| 433 | { | 433 | { |
| 434 | #if !defined(CONFIG_IP_NF_NAT) && !defined(CONFIG_IP_NF_NAT_MODULE) | ||
| 435 | /* Previously seen (loopback)? Ignore. Do this before | ||
| 436 | fragment check. */ | ||
| 437 | if ((*pskb)->nfct) | ||
| 438 | return NF_ACCEPT; | ||
| 439 | #endif | ||
| 440 | |||
| 441 | /* Gather fragments. */ | 434 | /* Gather fragments. */ |
| 442 | if ((*pskb)->nh.iph->frag_off & htons(IP_MF|IP_OFFSET)) { | 435 | if ((*pskb)->nh.iph->frag_off & htons(IP_MF|IP_OFFSET)) { |
| 443 | *pskb = ip_ct_gather_frags(*pskb, | 436 | *pskb = ip_ct_gather_frags(*pskb, |