On Mon, Apr 03, 2023 at 01:54:37PM +0200, Florian Westphal wrote: > Recent attempt to ensure PREROUTING hook is executed again when a > decrypted ipsec packet received on a bridge passes through the network > stack a second time broke the physdev match in INPUT hook. > > We can't discard the nf_bridge info strct from sabotage_in hook, as > this is needed by the physdev match. > > Keep the struct around and handle this with another conditional instead. Applied to nf, thanks
