Another fix related to the netfilter IPsec patches.
[NETFILTER]: Don't invoke okfn in CONFIG_NETFILTER=n variant of nf_hook()
nf_hook() is supposed to call the netfilter hook and return control of the
packet back to the caller in case it may pass, the okfn is only used for
queueing.
Signed-off-by: Patrick McHardy <[EMAIL PROTECTED]>
---
commit 4611d14cc145cb244634920a7c4b0082f3c08eda
tree 84c175affb78b77e78d908ea8baef43d9dba698a
parent a31ab06c99e45232b742803677e88363cda2fb85
author Patrick McHardy <[EMAIL PROTECTED]> Wed, 15 Feb 2006 17:39:55 +0100
committer Patrick McHardy <[EMAIL PROTECTED]> Wed, 15 Feb 2006 17:39:55 +0100
include/linux/netfilter.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 5deacda..aa7bb93 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -318,7 +318,7 @@ static inline int nf_hook(int pf, unsign
struct net_device *indev, struct net_device *outdev,
int (*okfn)(struct sk_buff *))
{
- return okfn(*pskb);
+ return 1;
}
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
struct flowi;
