diff options
| author |   Florian Westphal <fw@strlen.de> | 2018-05-14 23:46:59 +0200 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-23 09:14:06 +0200 |
| commit | a37061a678cab6d164f2989dd6f3b65f730289c7 (patch) | |
| tree | 2da78e993cb9b64f1479203ae8c7289f3872a8c9 /net/netfilter/core.c | |
| parent | netfilter: nf_nat: add nat type hooks to nat core (diff) | |
| download | linux-dev-a37061a678cab6d164f2989dd6f3b65f730289c7.tar.xz linux-dev-a37061a678cab6d164f2989dd6f3b65f730289c7.zip | |
netfilter: lift one-nat-hook-only restriction
This reverts commit f92b40a8b2645
("netfilter: core: only allow one nat hook per hook point"), this
limitation is no longer needed. The nat core now invokes these
functions and makes sure that hook evaluation stops after a mapping is
created and a null binding is created otherwise.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/core.c')
| -rw-r--r-- | net/netfilter/core.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index 5f0ebf9a8d5b..907d6ef8f3c1 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -138,11 +138,6 @@ nf_hook_entries_grow(const struct nf_hook_entries *old, continue; } - if (reg->nat_hook && orig_ops[i]->nat_hook) { - kvfree(new); - return ERR_PTR(-EBUSY); - } - if (inserted || reg->priority > orig_ops[i]->priority) { new_ops[nhooks] = (void *)orig_ops[i]; new->hooks[nhooks] = old->hooks[i]; |