From b250a7fc3bbec80a3c4717a262863d93f4146b88 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 3 Nov 2016 10:55:54 +0100 Subject: [PATCH] netfilter: get rid of useless debugging from core This patch remove compile time code to catch inconventional verdicts. We have better ways to handle this case these days, eg. pr_debug() but even though I don't think this is useful at all, so let's remove this. Signed-off-by: Pablo Neira Ayuso --- net/netfilter/core.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/net/netfilter/core.c b/net/netfilter/core.c index 004af030ef1a..3d4aa96cb219 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c @@ -323,15 +323,6 @@ unsigned int nf_iterate(struct sk_buff *skb, repeat: verdict = (*entryp)->ops.hook((*entryp)->ops.priv, skb, state); if (verdict != NF_ACCEPT) { -#ifdef CONFIG_NETFILTER_DEBUG - if (unlikely((verdict & NF_VERDICT_MASK) - > NF_MAX_VERDICT)) { - NFDEBUG("Evil return from %p(%u).\n", - (*entryp)->ops.hook, state->hook); - *entryp = rcu_dereference((*entryp)->next); - continue; - } -#endif if (verdict != NF_REPEAT) return verdict; goto repeat; -- 2.20.1