netfilter: netns nf_conntrack: fixup DNAT in netns

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/net/ipv4/netfilter/nf_nat_rule.c b/net/ipv4/netfilter/nf_nat_rule.c
index 0a02a8caf3b3b1821cf0b690d9ffea4608362da3..f929352ec0eee1d489d56df795659f5a38560f5f 100644 (file)
--- a/net/ipv4/netfilter/nf_nat_rule.c
+++ b/net/ipv4/netfilter/nf_nat_rule.c
@@ -91,13 +91,13 @@ static unsigned int ipt_snat_target(struct sk_buff *skb,
 }
 
 /* Before 2.6.11 we did implicit source NAT if required. Warn about change. */
-static void warn_if_extra_mangle(__be32 dstip, __be32 srcip)
+static void warn_if_extra_mangle(struct net *net, __be32 dstip, __be32 srcip)
 {
        static int warned = 0;
        struct flowi fl = { .nl_u = { .ip4_u = { .daddr = dstip } } };
        struct rtable *rt;
 
-       if (ip_route_output_key(&init_net, &rt, &fl) != 0)
+       if (ip_route_output_key(net, &rt, &fl) != 0)
                return;
 
        if (rt->rt_src != srcip && !warned) {
@@ -130,7 +130,7 @@ static unsigned int ipt_dnat_target(struct sk_buff *skb,
 
        if (hooknum == NF_INET_LOCAL_OUT &&
            mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)
-               warn_if_extra_mangle(ip_hdr(skb)->daddr,
+               warn_if_extra_mangle(dev_net(out), ip_hdr(skb)->daddr,
                                     mr->range[0].min_ip);
 
        return nf_nat_setup_info(ct, &mr->range[0], IP_NAT_MANIP_DST);