]> err.no Git - linux-2.6/commitdiff
[BRIDGE-NF]: Fix iptables redirect on bridge interface
authorBart De Schuymer <bdschuym@pandora.be>
Thu, 15 Sep 2005 03:55:16 +0000 (20:55 -0700)
committerDavid S. Miller <davem@davemloft.net>
Thu, 15 Sep 2005 03:55:16 +0000 (20:55 -0700)
Here's a slightly altered patch, originally from Mark Glines who
diagnosed and fixed the problem.

Signed-off-by: Bart De Schuymer <bdschuym@pandora.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/bridge/br_netfilter.c

index 2d52fee63a8cf1653e90281be1ca154c61f24d70..d8e36b7751255b17e736f35060dead6b21eebb69 100644 (file)
@@ -214,9 +214,11 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb)
                                     .tos = RT_TOS(iph->tos)} }, .proto = 0};
 
                        if (!ip_route_output_key(&rt, &fl)) {
-                               /* Bridged-and-DNAT'ed traffic doesn't
-                                * require ip_forwarding. */
-                               if (((struct dst_entry *)rt)->dev == dev) {
+                               /* - Bridged-and-DNAT'ed traffic doesn't
+                                *   require ip_forwarding.
+                                * - Deal with redirected traffic. */
+                               if (((struct dst_entry *)rt)->dev == dev ||
+                                   rt->rt_type == RTN_LOCAL) {
                                        skb->dst = (struct dst_entry *)rt;
                                        goto bridged_dnat;
                                }