diff options
| author | gVisor bot <gvisor-bot@google.com> | 2020-01-23 23:01:01 +0000 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-01-23 23:01:01 +0000 |
| commit | 6d077471e9ab708625fbba3442b7b71e9d70564b (patch) | |
| tree | 41a4b3012d9879e31d6dae2554bf248814cfff04 /pkg/tcpip/network | |
| parent | decbfbc395af1840d6182aea27fc0e6cdcf4ce75 (diff) | |
| parent | 3d10edc9423789342047f8fcf3b6054bb71ea392 (diff) | |
Merge release-20200115.0-93-g3d10edc (automated)
Diffstat (limited to 'pkg/tcpip/network')
| -rw-r--r-- | pkg/tcpip/network/ipv4/ipv4.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go index 0a1453b31..85512f9b2 100644 --- a/pkg/tcpip/network/ipv4/ipv4.go +++ b/pkg/tcpip/network/ipv4/ipv4.go @@ -353,7 +353,8 @@ func (e *endpoint) HandlePacket(r *stack.Route, pkt tcpip.PacketBuffer) { } pkt.NetworkHeader = headerView[:h.HeaderLength()] - // iptables filtering. + // iptables filtering. All packets that reach here are intended for + // this machine and will not be forwarded. ipt := e.stack.IPTables() if ok := ipt.Check(iptables.Input, pkt); !ok { // iptables is telling us to drop the packet. |