Alexey Dobriyan wrote:
> On Thu, Feb 11, 2010 at 05:34:30PM +0100, Patrick McHardy wrote:
>> Jan Engelhardt wrote:
>>> On Thursday 2010-02-11 17:12, Alexey Dobriyan wrote:
>>>
>>>> Calling POST_ROUTING hook with NULL input device is not going to work.
>>>>
>>>> --- a/net/ipv4/netfilter/iptable_mangle.c
>>>> +++ b/net/ipv4/netfilter/iptable_mangle.c
>>>> @@ -85,7 +85,7 @@ iptable_mangle_hook(unsigned int hook,
>>>> const struct net_device *out,
>>>> int (*okfn)(struct sk_buff *))
>>>> {
>>>> - if (hook == NF_INET_LOCAL_OUT)
>>>> + if (hook == NF_INET_LOCAL_OUT || hook == NF_INET_POST_ROUTING)
>>>> return ipt_local_hook(hook, skb, in, out, okfn);
>>>>
>>>> /* PREROUTING/INPUT/FORWARD: */
>>> postrouting did not call ipt_local_hook before, so why now?
>> What Alexey meant is that
>>
>> /* PREROUTING/INPUT/FORWARD: */
>> return ipt_do_table(skb, hook, in, out,
>> dev_net(in)->ipv4.iptable_mangle);
>>
>> dev_net(in) for a NULL device won't work. Passing them to the local
>> hook won't work either however since we perform rerouting there.
>> I'm confused now why this didn't crash here so far ...
>
> It did crashed, that's why I noticed it.
> But now I can't reproduce it too. Hopefully this patch is correct.
It looks correct to me. Will try to reproduce the crash
just to make sure.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
