Skip to content

K
Kernel

openeuler / Kernel
12 个月 前同步成功

通知 5
Star 0
Fork 0
K
Kernel

体验新版 GitCode,发现更多精彩内容 >>

提交 9c6eb28a 编写于 作者: J Jan Engelhardt 提交者: Patrick McHardy
浏览文件
操作

netfilter: ipv6: add IPSKB_REROUTED exclusion to NF_HOOK/POSTROUTING invocation 

Similar to how IPv4's ip_output.c works, have ip6_output also check
the IPSKB_REROUTED flag. It will be set from xt_TEE for cloned packets
since Xtables can currently only deal with a single packet in flight
at a time.
Signed-off-by: NJan Engelhardt <jengelh@medozas.de>
Acked-by: NDavid S. Miller <davem@davemloft.net>
[Patrick: changed to use an IP6SKB value instead of IPSKB]
Signed-off-by: NPatrick McHardy <kaber@trash.net>
上级 9e508490
隐藏空白更改
内联 并排
Showing with 4 addition and 2 deletion
include/linux/ipv6.h
浏览文件 @ 9c6eb28a
......@@ -250,6 +250,7 @@ struct inet6_skb_parm {
#define IP6SKB_XFRM_TRANSFORMED 1
#define IP6SKB_FORWARDED 2
#define IP6SKB_REROUTED 4
};
#define IP6CB(skb) ((struct inet6_skb_parm*)((skb)->cb))
......
net/ipv6/ip6_output.c
浏览文件 @ 9c6eb28a
......@@ -172,8 +172,9 @@ int ip6_output(struct sk_buff *skb)
return 0;
}
return NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING, skb, NULL, dev,
ip6_finish_output);
return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING, skb, NULL, dev,
ip6_finish_output,
!(IP6CB(skb)->flags & IP6SKB_REROUTED));
}
/*
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册