On Thursday 2010-02-11 17:12, Alexey Dobriyan wrote:
>Calling POST_ROUTING hook with NULL input device is not going to work.
>
>--- a/net/ipv4/netfilter/iptable_mangle.c
>+++ b/net/ipv4/netfilter/iptable_mangle.c
>@@ -85,7 +85,7 @@ iptable_mangle_hook(unsigned int hook,
> const struct net_device *out,
> int (*okfn)(struct sk_buff *))
> {
>- if (hook == NF_INET_LOCAL_OUT)
>+ if (hook == NF_INET_LOCAL_OUT || hook == NF_INET_POST_ROUTING)
> return ipt_local_hook(hook, skb, in, out, okfn);
>
> /* PREROUTING/INPUT/FORWARD: */
postrouting did not call ipt_local_hook before, so why now?
>--- a/net/ipv6/netfilter/ip6table_mangle.c
>+++ b/net/ipv6/netfilter/ip6table_mangle.c
>@@ -79,7 +79,7 @@ ip6table_mangle_hook(unsigned int hook, struct sk_buff *skb,
> const struct net_device *in, const struct net_device *out,
> int (*okfn)(struct sk_buff *))
> {
>- if (hook == NF_INET_LOCAL_OUT)
>+ if (hook == NF_INET_LOCAL_OUT || hook == NF_INET_POST_ROUTING)
> return ip6t_local_out_hook(hook, skb, out, okfn);
>
> /* INPUT/FORWARD */
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
