[Devel] [PATCH rh8 04/28] Revert "ve/net: Add ipt_mask checks into ip6table_nat"
Konstantin Khorenko
khorenko at virtuozzo.com
Tue Apr 13 11:25:14 MSK 2021
This reverts commit 9a84853a8a82dcf98fa9fcefa702f36d1975f816.
We are getting rid of iptables mask.
https://jira.sw.ru/browse/PSBM-127787
Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
net/ipv6/netfilter/ip6table_nat.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/net/ipv6/netfilter/ip6table_nat.c b/net/ipv6/netfilter/ip6table_nat.c
index 3049ae779025..be2cfbc8ae57 100644
--- a/net/ipv6/netfilter/ip6table_nat.c
+++ b/net/ipv6/netfilter/ip6table_nat.c
@@ -98,10 +98,6 @@ static int __net_init ip6table_nat_table_init(struct net *net)
if (net->ipv6.ip6table_nat)
return 0;
- if (!net_ipt_permitted(net, VE_IP_IPTABLE_NAT) ||
- !net_ipt_permitted(net, VE_IP_IPTABLES6))
- return 0;
-
repl = ip6t_alloc_initial_table(&nf_nat_ipv6_table);
if (repl == NULL)
return -ENOMEM;
--
2.28.0
More information about the Devel
mailing list