netfilter: nat: really support inet nat without l3 address (!991) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Phil Sutter requested to merge psutter1/centos-stream-9:c9s/bz2092430 into main Jun 09, 2022

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2092430 Upstream Status: net.git commit 282e5f8fe907d

commit 282e5f8fe907dc3f2fbf9f2103b0e62ffc3a68a5 Author: Florian Westphal fw@strlen.de Date: Wed Jun 1 10:47:35 2022 +0200

netfilter: nat: really support inet nat without l3 address

When no l3 address is given, priv->family is set to NFPROTO_INET and
the evaluation function isn't called.

Call it too so l4-only rewrite can work.
Also add a test case for this.

Fixes: a33f387ecd5aa ("netfilter: nft_nat: allow to specify layer 4 protocol NAT only")
Reported-by: Yi Chen <yiche@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Signed-off-by: Phil Sutter psutter@redhat.com

netfilter: nat: really support inet nat without l3 address

Merge request reports