diff options
Diffstat (limited to 'net/openvswitch')
| -rw-r--r-- | net/openvswitch/conntrack.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c index dff093a10d6d..5ea74270da46 100644 --- a/net/openvswitch/conntrack.c +++ b/net/openvswitch/conntrack.c @@ -816,6 +816,9 @@ static int ovs_ct_nat(struct net *net, struct sw_flow_key *key, enum nf_nat_manip_type maniptype; int err; + if (!(info->nat & OVS_CT_NAT)) + return NF_ACCEPT; + /* Add NAT extension if not confirmed yet. */ if (!nf_ct_is_confirmed(ct) && !nf_ct_nat_ext_add(ct)) return NF_ACCEPT; /* Can't NAT. */ @@ -825,8 +828,7 @@ static int ovs_ct_nat(struct net *net, struct sw_flow_key *key, * Make sure new expected connections (IP_CT_RELATED) are NATted only * when committing. */ - if (info->nat & OVS_CT_NAT && ctinfo != IP_CT_NEW && - ct->status & IPS_NAT_MASK && + if (ctinfo != IP_CT_NEW && ct->status & IPS_NAT_MASK && (ctinfo != IP_CT_RELATED || info->commit)) { /* NAT an established or related connection like before. */ if (CTINFO2DIR(ctinfo) == IP_CT_DIR_REPLY) |