diff options
author | Patrick McHardy <kaber@trash.net> | 2006-01-05 12:20:59 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-01-05 12:20:59 -0800 |
commit | 1bd9bef6f9fe06dd0c628ac877c85b6b36aca062 (patch) | |
tree | 60b4bfdd06efc0ab5cf297c470a273f470b7c1f5 /include/net | |
parent | abbcc73982445c1457901c7fc1d0d110e7a587e3 (diff) | |
download | linux-1bd9bef6f9fe06dd0c628ac877c85b6b36aca062.tar.gz linux-1bd9bef6f9fe06dd0c628ac877c85b6b36aca062.tar.bz2 linux-1bd9bef6f9fe06dd0c628ac877c85b6b36aca062.zip |
[NETFILTER]: Call POST_ROUTING hook before fragmentation
Call POST_ROUTING hook before fragmentation to get rid of the okfn use
in ip_refrag and save the useless fragmentation/defragmentation step
when NAT is used.
The patch introduces one user-visible change, the POSTROUTING chain
in the mangle table gets entire packets, not fragments, which should
simplify use of the MARK and CLASSIFY targets for queueing as a nice
side-effect.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/ip.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/include/net/ip.h b/include/net/ip.h index f7e7fd728b67..7bb5804847f2 100644 --- a/include/net/ip.h +++ b/include/net/ip.h @@ -317,7 +317,6 @@ enum ip_defrag_users IP_DEFRAG_CALL_RA_CHAIN, IP_DEFRAG_CONNTRACK_IN, IP_DEFRAG_CONNTRACK_OUT, - IP_DEFRAG_NAT_OUT, IP_DEFRAG_VS_IN, IP_DEFRAG_VS_OUT, IP_DEFRAG_VS_FWD |