diff options
author | Nayana Bidari <nybidari@google.com> | 2020-02-25 15:03:51 -0800 |
---|---|---|
committer | Nayana Bidari <nybidari@google.com> | 2020-02-25 15:03:51 -0800 |
commit | acc405ba60834f5dce9ce04cd762d5cda02224cb (patch) | |
tree | 6571786bd38f1a5755a09dc717e9b0012d5c7d7a /pkg/tcpip/stack/nic.go | |
parent | b30b7f3422202232ad1c385a7ac0d775151fee2f (diff) |
Add nat table support for iptables.
- commit the changes for the comments.
Diffstat (limited to 'pkg/tcpip/stack/nic.go')
-rw-r--r-- | pkg/tcpip/stack/nic.go | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/pkg/tcpip/stack/nic.go b/pkg/tcpip/stack/nic.go index 2028f5201..a75dc0322 100644 --- a/pkg/tcpip/stack/nic.go +++ b/pkg/tcpip/stack/nic.go @@ -1087,19 +1087,8 @@ func (n *NIC) DeliverNetworkPacket(linkEP LinkEndpoint, remote, local tcpip.Link // TODO(gvisor.dev/issue/170): Not supporting iptables for IPv6 yet. if protocol == header.IPv4ProtocolNumber { - newPkt := pkt.Clone() - - headerView := newPkt.Data.First() - h := header.IPv4(headerView) - newPkt.NetworkHeader = headerView[:h.HeaderLength()] - - hlen := int(h.HeaderLength()) - tlen := int(h.TotalLength()) - newPkt.Data.TrimFront(hlen) - newPkt.Data.CapLength(tlen - hlen) - ipt := n.stack.IPTables() - if ok := ipt.Check(iptables.Prerouting, newPkt); !ok { + if ok := ipt.Check(iptables.Prerouting, pkt); !ok { // iptables is telling us to drop the packet. return } |