diff options
author | Patrick McHardy <kaber@trash.net> | 2011-12-23 14:01:26 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-12-23 14:36:46 +0100 |
commit | 0af051baa8444b7453235552911a353fc7b9bee7 (patch) | |
tree | 7eb7a0f34679385d2519e4adf6120c6f779a8336 /net | |
parent | 40cfb706cda2bacdecd6e5ab78a21456d28878c7 (diff) | |
download | op-kernel-dev-0af051baa8444b7453235552911a353fc7b9bee7.zip op-kernel-dev-0af051baa8444b7453235552911a353fc7b9bee7.tar.gz |
netfilter: nf_nat: remove obsolete check in nf_nat_mangle_udp_packet()
The packet size check originates from a time when UDP helpers could
accidentally mangle incorrect packets (NEWNAT) and is unnecessary
nowadays since the conntrack helpers invoke the NAT helpers for the
proper packet directly.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/nf_nat_helper.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/net/ipv4/netfilter/nf_nat_helper.c b/net/ipv4/netfilter/nf_nat_helper.c index 049e8b7..af65958 100644 --- a/net/ipv4/netfilter/nf_nat_helper.c +++ b/net/ipv4/netfilter/nf_nat_helper.c @@ -253,12 +253,6 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb, struct udphdr *udph; int datalen, oldlen; - /* UDP helpers might accidentally mangle the wrong packet */ - iph = ip_hdr(skb); - if (skb->len < iph->ihl*4 + sizeof(*udph) + - match_offset + match_len) - return 0; - if (!skb_make_writable(skb, skb->len)) return 0; |