[Devel] [PATCH rh8 06/28] Revert "ve/net: Add VE_NF_CONNTRACK check in resolve_normal_ct()"
Konstantin Khorenko
khorenko at virtuozzo.com
Tue Apr 13 11:25:16 MSK 2021
This reverts commit 7acf543c6ef47848b07c751a8b578cb3bedbf87c.
Getting rid of per-CT iptables mask.
https://jira.sw.ru/browse/PSBM-127787
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
net/netfilter/nf_conntrack_core.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 78a656cfe8c1..8c861089d65a 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1659,9 +1659,6 @@ resolve_normal_ct(struct nf_conn *tmpl,
struct nf_conn *ct;
u32 hash;
- if (!net_ipt_permitted(state->net, VE_NF_CONNTRACK))
- return 0;
-
if (!nf_ct_get_tuple(skb, skb_network_offset(skb),
dataoff, state->pf, protonum, state->net,
&tuple)) {
--
2.28.0
More information about the Devel
mailing list