diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/core.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index c4065b8f9a95..ec05684c56d7 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -165,6 +165,14 @@ int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb, unsigned int verdict; int ret = 0; +#ifdef CONFIG_NET_NS + struct net *net; + + net = indev == NULL ? outdev->nd_net : indev->nd_net; + if (net != &init_net) + return 1; +#endif + /* We may already have this, but read-locks nest anyway */ rcu_read_lock(); |