Signed-off-by: Vasily Averin <vvs@xxxxxxxxxx>
---
net/bridge/br_netfilter.c | 6 ++----
1 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 2b0dda80..cb75e80 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -61,13 +61,11 @@ static struct brnf_net init_brnf_net = {
#ifdef CONFIG_SYSCTL
static struct ctl_table_header *brnf_sysctl_header;
-static int brnf_call_iptables __read_mostly = 1;
static int brnf_call_ip6tables __read_mostly = 1;
static int brnf_filter_vlan_tagged __read_mostly = 0;
static int brnf_filter_pppoe_tagged __read_mostly = 0;
static int brnf_pass_vlan_indev __read_mostly = 0;
#else
-#define brnf_call_iptables 1
#define brnf_call_ip6tables 1
#define brnf_filter_vlan_tagged 0
#define brnf_filter_pppoe_tagged 0
@@ -707,7 +705,7 @@ static unsigned int br_nf_pre_routing(const struct nf_hook_ops *ops,
return br_nf_pre_routing_ipv6(ops, skb, in, out, okfn);
}
- if (!brnf_call_iptables && !br->nf_call_iptables)
+ if (!init_brnf_net.nf_call_iptables && !br->nf_call_iptables)
return NF_ACCEPT;
if (!IS_IP(skb) && !IS_VLAN_IP(skb) && !IS_PPPOE_IP(skb))
@@ -1032,7 +1030,7 @@ static struct ctl_table brnf_table[] = {
},
{
.procname = "bridge-nf-call-iptables",
- .data = &brnf_call_iptables,
+ .data = &init_brnf_net.nf_call_iptables,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = brnf_sysctl_call_tables,
--
1.7.5.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
