diff options
author | Florian Westphal <fw@strlen.de> | 2018-05-14 23:46:59 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-23 09:14:06 +0200 |
commit | a37061a678cab6d164f2989dd6f3b65f730289c7 (patch) | |
tree | 2da78e993cb9b64f1479203ae8c7289f3872a8c9 /net/netfilter/core.c | |
parent | 9971a514ed2697e542f3984a6162eac54bb1da98 (diff) | |
download | linux-a37061a678cab6d164f2989dd6f3b65f730289c7.tar.bz2 |
netfilter: lift one-nat-hook-only restriction
This reverts commit f92b40a8b2645
("netfilter: core: only allow one nat hook per hook point"), this
limitation is no longer needed. The nat core now invokes these
functions and makes sure that hook evaluation stops after a mapping is
created and a null binding is created otherwise.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/core.c')
-rw-r--r-- | net/netfilter/core.c | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index 5f0ebf9a8d5b..907d6ef8f3c1 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -138,11 +138,6 @@ nf_hook_entries_grow(const struct nf_hook_entries *old, continue; } - if (reg->nat_hook && orig_ops[i]->nat_hook) { - kvfree(new); - return ERR_PTR(-EBUSY); - } - if (inserted || reg->priority > orig_ops[i]->priority) { new_ops[nhooks] = (void *)orig_ops[i]; new->hooks[nhooks] = old->hooks[i]; |