Use the NIC packets arrived at when filtering

As per https://linux.die.net/man/8/iptables, ``` Parameters -i, --in-interface [!] name Name of an interface via which a packet was received (only for packets entering the INPUT, FORWARD and PREROUTING chains). ``` Before this change, iptables would use the NIC that a packet was delivered to after forwarding a packet locally (when forwarding is enabled) instead of the NIC the packet arrived at. Updates #170, #3549. Test: iptables_test.TestInputHookWithLocalForwarding PiperOrigin-RevId: 377714971
author: Ghanan Gowripalan <ghanan@google.com> 2021-06-05 15:03:48 -0700
committer: gVisor bot <gvisor-bot@google.com> 2021-06-05 15:05:56 -0700
commit: 993fff4e1c6d44dfbbc71c4eb83e9ae35b291549 (patch)
tree: 9c43235335c79d065df715634ba83bc7e85bfc05 /pkg/tcpip/stack
parent: 03f17c7d902945489f44bbd4e0c6e15695098b52 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/pkg/tcpip/stack/packet_buffer.go b/pkg/tcpip/stack/packet_buffer.go
index 4ca702121..9192d8433 100644
--- a/pkg/tcpip/stack/packet_buffer.go
+++ b/pkg/tcpip/stack/packet_buffer.go
@@ -134,7 +134,7 @@ type PacketBuffer struct {
 	// https://www.man7.org/linux/man-pages/man7/packet.7.html.
 	PktType tcpip.PacketType
 
-	// NICID is the ID of the interface the network packet was received at.
+	// NICID is the ID of the last interface the network packet was handled at.
 	NICID tcpip.NICID
 
 	// RXTransportChecksumValidated indicates that transport checksum verification
author	Ghanan Gowripalan <ghanan@google.com>	2021-06-05 15:03:48 -0700
committer	gVisor bot <gvisor-bot@google.com>	2021-06-05 15:05:56 -0700
commit	993fff4e1c6d44dfbbc71c4eb83e9ae35b291549 (patch)
tree	9c43235335c79d065df715634ba83bc7e85bfc05 /pkg/tcpip/stack
parent	03f17c7d902945489f44bbd4e0c6e15695098b52 (diff)