summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2015-05-20 13:42:25 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-05-20 13:51:25 +0200
commitfaecbb45ebefb20260ad4a631e011e93c896cb73 (patch)
treeb03c38d28eb48c1ee2f64abb43338f7457ec95ad /include
parent1086bbe97a074844188c6c988fa0b1a98c3ccbb9 (diff)
downloadlinux-stable-faecbb45ebefb20260ad4a631e011e93c896cb73.tar.gz
linux-stable-faecbb45ebefb20260ad4a631e011e93c896cb73.tar.bz2
linux-stable-faecbb45ebefb20260ad4a631e011e93c896cb73.zip
Revert "netfilter: bridge: query conntrack about skb dnat"
This reverts commit c055d5b03bb4cb69d349d787c9787c0383abd8b2. There are two issues: 'dnat_took_place' made me think that this is related to -j DNAT/MASQUERADE. But thats only one part of the story. This is also relevant for SNAT when we undo snat translation in reverse/reply direction. Furthermore, I originally wanted to do this mainly to avoid storing ipv6 addresses once we make DNAT/REDIRECT work for ipv6 on bridges. However, I forgot about SNPT/DNPT which is stateless. So we can't escape storing address for ipv6 anyway. Might as well do it for ipv4 too. Reported-and-tested-by: Bernhard Thaler <bernhard.thaler@wvnet.at> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/skbuff.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 66e374d62f64..f15154a879c7 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -176,6 +176,7 @@ struct nf_bridge_info {
struct net_device *physindev;
struct net_device *physoutdev;
char neigh_header[8];
+ __be32 ipv4_daddr;
};
#endif