netfilter: ip6table_mangle: don't reroute in LOCAL_IN
Rerouting should only happen in LOCAL_OUT, in INPUT its useless since the packet has already chosen its final destination. Noticed by Alexey Dobriyan <adobriyan@gmail.com>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Patrick McHardy
committed by
David S. Miller
David S. Miller
parent
b9f75f45a6
commit
88a6f4ad76
@ -129,7 +129,7 @@ static struct nf_hook_ops ip6t_ops[] __read_mostly = {
|
|||||||
.priority = NF_IP6_PRI_MANGLE,
|
.priority = NF_IP6_PRI_MANGLE,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.hook = ip6t_local_hook,
|
.hook = ip6t_route_hook,
|
||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
.pf = PF_INET6,
|
.pf = PF_INET6,
|
||||||
.hooknum = NF_INET_LOCAL_IN,
|
.hooknum = NF_INET_LOCAL_IN,
|
||||||
|
|||||||
Reference in New Issue
Block a user