aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'net/bridge/br_netfilter_hooks.c')
-rw-r--r--net/bridge/br_netfilter_hooks.c21
1 files changed, 0 insertions, 21 deletions
diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
index 7ddbe7ec81d6..97fc19f001bf 100644
--- a/net/bridge/br_netfilter_hooks.c
+++ b/net/bridge/br_netfilter_hooks.c
@@ -516,21 +516,6 @@ static unsigned int br_nf_pre_routing(void *priv,
516} 516}
517 517
518 518
519/* PF_BRIDGE/LOCAL_IN ************************************************/
520/* The packet is locally destined, which requires a real
521 * dst_entry, so detach the fake one. On the way up, the
522 * packet would pass through PRE_ROUTING again (which already
523 * took place when the packet entered the bridge), but we
524 * register an IPv4 PRE_ROUTING 'sabotage' hook that will
525 * prevent this from happening. */
526static unsigned int br_nf_local_in(void *priv,
527 struct sk_buff *skb,
528 const struct nf_hook_state *state)
529{
530 br_drop_fake_rtable(skb);
531 return NF_ACCEPT;
532}
533
534/* PF_BRIDGE/FORWARD *************************************************/ 519/* PF_BRIDGE/FORWARD *************************************************/
535static int br_nf_forward_finish(struct net *net, struct sock *sk, struct sk_buff *skb) 520static int br_nf_forward_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
536{ 521{
@@ -901,12 +886,6 @@ static struct nf_hook_ops br_nf_ops[] __read_mostly = {
901 .priority = NF_BR_PRI_BRNF, 886 .priority = NF_BR_PRI_BRNF,
902 }, 887 },
903 { 888 {
904 .hook = br_nf_local_in,
905 .pf = NFPROTO_BRIDGE,
906 .hooknum = NF_BR_LOCAL_IN,
907 .priority = NF_BR_PRI_BRNF,
908 },
909 {
910 .hook = br_nf_forward_ip, 889 .hook = br_nf_forward_ip,
911 .pf = NFPROTO_BRIDGE, 890 .pf = NFPROTO_BRIDGE,
912 .hooknum = NF_BR_FORWARD, 891 .hooknum = NF_BR_FORWARD,