| 123456789101112 |
- --- a/net/netfilter/nf_nat_core.c
- +++ b/net/netfilter/nf_nat_core.c
- @@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
- struct dst_entry *dst;
- int err;
-
- + if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
- + return 0;
- +
- err = xfrm_decode_session(skb, &fl, family);
- if (err < 0)
- return err;
|
