You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 lines
691 B
24 lines
691 B
7 years ago
|
From: Felix Fietkau <nbd@nbd.name>
|
||
|
Date: Fri, 23 Mar 2018 19:12:30 +0100
|
||
|
Subject: [PATCH] netfilter: nf_flow_table: fix offloading connections with
|
||
|
SNAT+DNAT
|
||
|
|
||
|
Pass all NAT types to the flow offload struct, otherwise parts of the
|
||
|
address/port pair do not get translated properly, causing connection
|
||
|
stalls
|
||
|
|
||
|
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
||
|
---
|
||
|
|
||
|
--- a/net/netfilter/nf_flow_table_core.c
|
||
|
+++ b/net/netfilter/nf_flow_table_core.c
|
||
7 years ago
|
@@ -84,7 +84,7 @@ flow_offload_alloc(struct nf_conn *ct, s
|
||
7 years ago
|
|
||
|
if (ct->status & IPS_SRC_NAT)
|
||
|
flow->flags |= FLOW_OFFLOAD_SNAT;
|
||
|
- else if (ct->status & IPS_DST_NAT)
|
||
|
+ if (ct->status & IPS_DST_NAT)
|
||
|
flow->flags |= FLOW_OFFLOAD_DNAT;
|
||
|
|
||
|
return flow;
|