summaryrefslogtreecommitdiffhomepage
path: root/pkg/tcpip/network
diff options
context:
space:
mode:
authorKevin Krakauer <krakauer@google.com>2020-01-08 14:48:47 -0800
committerKevin Krakauer <krakauer@google.com>2020-01-08 14:48:47 -0800
commitb2a881784c8e525c1fea71c6f23663413d107f05 (patch)
tree6529dc74dcf1fc21d0b3199f149356cb877f5ddc /pkg/tcpip/network
parent447f64c561e6b5893c1bbae7d641187b7aca64ac (diff)
Built dead-simple traversal, but now getting depedency cycle error :'(
Diffstat (limited to 'pkg/tcpip/network')
-rw-r--r--pkg/tcpip/network/ipv4/ipv4.go6
1 files changed, 6 insertions, 0 deletions
diff --git a/pkg/tcpip/network/ipv4/ipv4.go b/pkg/tcpip/network/ipv4/ipv4.go
index e645cf62c..bbb5aafee 100644
--- a/pkg/tcpip/network/ipv4/ipv4.go
+++ b/pkg/tcpip/network/ipv4/ipv4.go
@@ -350,6 +350,12 @@ func (e *endpoint) HandlePacket(r *stack.Route, pkt tcpip.PacketBuffer) {
}
pkt.NetworkHeader = headerView[:h.HeaderLength()]
+ // iptables filtering.
+ if ok := iptables.Check(iptables.Input, pkt); !ok {
+ // iptables is telling us to drop the packet.
+ return
+ }
+
hlen := int(h.HeaderLength())
tlen := int(h.TotalLength())
pkt.Data.TrimFront(hlen)