Re: [PATCH -nf] Revert "netfilter: bridge: query conntrack about skb dnat"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, May 20, 2015 at 01:42:25PM +0200, Florian Westphal wrote:
> This reverts commit c055d5b03bb4cb69d349d787c9787c0383abd8b2.
> 
> There are two issues:
> 'dnat_took_place' made me think that this is related to
> -j DNAT/MASQUERADE.
> 
> But thats only one part of the story.  This is also relevant for SNAT
> when we undo snat translation in reverse/reply direction.
> 
> Furthermore, I originally wanted to do this mainly to avoid
> storing ipv6 addresses once we make DNAT/REDIRECT work
> for ipv6 on bridges.
> 
> However, I forgot about SNPT/DNPT which is stateless.
> 
> So we can't escape storing address for ipv6 anyway. Might as
> well do it for ipv4 too.

Applied this revert to nf, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux