1 files changed, 0 insertions, 35 deletions

diff --git a/target/linux/generic/backport-5.10/610-v5.13-05-netfilter-flowtable-move-skb_try_make_writable-befor.patch b/target/linux/generic/backport-5.10/610-v5.13-05-netfilter-flowtable-move-skb_try_make_writable-befor.patch
deleted file mode 100644
index 84e294de7a..0000000000
--- a/target/linux/generic/backport-5.10/610-v5.13-05-netfilter-flowtable-move-skb_try_make_writable-befor.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From: Pablo Neira Ayuso <pablo@netfilter.org>
-Date: Tue, 23 Mar 2021 00:56:23 +0100
-Subject: [PATCH] netfilter: flowtable: move skb_try_make_writable()
- before NAT in IPv4
-
-For consistency with the IPv6 flowtable datapath and to make sure the
-skbuff is writable right before the NAT header updates.
-
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
-
---- a/net/netfilter/nf_flow_table_ip.c
-+++ b/net/netfilter/nf_flow_table_ip.c
-@@ -266,10 +266,6 @@ nf_flow_offload_ip_hook(void *priv, stru
- 
- 	iph = ip_hdr(skb);
- 	thoff = iph->ihl * 4;
--	if (skb_try_make_writable(skb, thoff + hdrsize))
--		return NF_DROP;
--
--	iph = ip_hdr(skb);
- 	if (nf_flow_state_check(flow, iph->protocol, skb, thoff))
- 		return NF_ACCEPT;
- 
-@@ -280,6 +276,10 @@ nf_flow_offload_ip_hook(void *priv, stru
- 		return NF_ACCEPT;
- 	}
- 
-+	if (skb_try_make_writable(skb, thoff + hdrsize))
-+		return NF_DROP;
-+
-+	iph = ip_hdr(skb);
- 	if (nf_flow_nat_ip(flow, skb, thoff, dir, iph) < 0)
- 		return NF_DROP;
-