From: Bart De Schuymer Date: Thu, 15 Sep 2005 03:55:16 +0000 (-0700) Subject: [BRIDGE-NF]: Fix iptables redirect on bridge interface X-Git-Tag: v2.6.14-rc2~17 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c011bed5f49ce9e6193b18b226106a41ecfa95c;p=linux-2.6 [BRIDGE-NF]: Fix iptables redirect on bridge interface Here's a slightly altered patch, originally from Mark Glines who diagnosed and fixed the problem. Signed-off-by: Bart De Schuymer Signed-off-by: David S. Miller --- diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index 2d52fee63a..d8e36b7751 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -214,9 +214,11 @@ static int br_nf_pre_routing_finish(struct sk_buff *skb) .tos = RT_TOS(iph->tos)} }, .proto = 0}; if (!ip_route_output_key(&rt, &fl)) { - /* Bridged-and-DNAT'ed traffic doesn't - * require ip_forwarding. */ - if (((struct dst_entry *)rt)->dev == dev) { + /* - Bridged-and-DNAT'ed traffic doesn't + * require ip_forwarding. + * - Deal with redirected traffic. */ + if (((struct dst_entry *)rt)->dev == dev || + rt->rt_type == RTN_LOCAL) { skb->dst = (struct dst_entry *)rt; goto bridged_dnat; }