netfilter: nf_nat: remove obsolete check in nf_nat_mangle_udp_packet()
Patrick McHardy [Fri, 23 Dec 2011 13:01:26 +0000 (14:01 +0100)]
The packet size check originates from a time when UDP helpers could
accidentally mangle incorrect packets (NEWNAT) and is unnecessary
nowadays since the conntrack helpers invoke the NAT helpers for the
proper packet directly.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/ipv4/netfilter/nf_nat_helper.c

index 049e8b7..af65958 100644 (file)
@@ -253,12 +253,6 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb,
        struct udphdr *udph;
        int datalen, oldlen;
 
-       /* UDP helpers might accidentally mangle the wrong packet */
-       iph = ip_hdr(skb);
-       if (skb->len < iph->ihl*4 + sizeof(*udph) +
-                              match_offset + match_len)
-               return 0;
-
        if (!skb_make_writable(skb, skb->len))
                return 0;