On Thu, Jan 10, 2019 at 01:16:08PM +0800, wenxu@xxxxxxxxx wrote:
[...]
> +static struct xt_match tunnel_mt_reg __read_mostly = {
> + .name = "tunnel",
> + .revision = 0,
> + .family = NFPROTO_UNSPEC,
> + .match = tunnel_mt,
> + .matchsize = sizeof(struct xt_tunnel_mtinfo),
> + .hooks = ((1 << NF_INET_PRE_ROUTING) |
> + (1 << NF_INET_POST_ROUTING) |
> + (1 << NF_INET_LOCAL_OUT) |
> + (1 << NF_INET_FORWARD)),
Are you sure this works from the forward chain? This template is
dropped after the route lookup.
Thanks.
