netfilter: netns nf_conntrack: fixup DNAT in netns
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
parent
0c4c9288ad
commit
9174c1538f
|
@ -91,13 +91,13 @@ static unsigned int ipt_snat_target(struct sk_buff *skb,
|
|||
}
|
||||
|
||||
/* Before 2.6.11 we did implicit source NAT if required. Warn about change. */
|
||||
static void warn_if_extra_mangle(__be32 dstip, __be32 srcip)
|
||||
static void warn_if_extra_mangle(struct net *net, __be32 dstip, __be32 srcip)
|
||||
{
|
||||
static int warned = 0;
|
||||
struct flowi fl = { .nl_u = { .ip4_u = { .daddr = dstip } } };
|
||||
struct rtable *rt;
|
||||
|
||||
if (ip_route_output_key(&init_net, &rt, &fl) != 0)
|
||||
if (ip_route_output_key(net, &rt, &fl) != 0)
|
||||
return;
|
||||
|
||||
if (rt->rt_src != srcip && !warned) {
|
||||
|
@ -130,7 +130,7 @@ static unsigned int ipt_dnat_target(struct sk_buff *skb,
|
|||
|
||||
if (hooknum == NF_INET_LOCAL_OUT &&
|
||||
mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)
|
||||
warn_if_extra_mangle(ip_hdr(skb)->daddr,
|
||||
warn_if_extra_mangle(dev_net(out), ip_hdr(skb)->daddr,
|
||||
mr->range[0].min_ip);
|
||||
|
||||
return nf_nat_setup_info(ct, &mr->range[0], IP_NAT_MANIP_DST);
|
||||
|
|
Loading…
Reference in New Issue