]> asedeno.scripts.mit.edu Git - linux.git/commitdiff
projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0813fbc)
netfilter: nf_tables: allow expressions to return STOLEN
authorFlorian Westphal <fw@strlen.de>
Tue, 18 Oct 2016 15:35:18 +0000 (17:35 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 26 Oct 2016 14:35:15 +0000 (16:35 +0200)
Currently not supported, we'd oops as skb was (or is) free'd elsewhere.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_core.c patch | blob | history

diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
index 0dd5c695482f64b248de0906fcbbd1dcb8df6364..70de32a6d5c0c350089229abef2b549897a2e813 100644 (file)
--- a/net/netfilter/nf_tables_core.c
+++ b/net/netfilter/nf_tables_core.c
@@ -178,6 +178,7 @@ nft_do_chain(struct nft_pktinfo *pkt, void *priv)
        case NF_ACCEPT:
        case NF_DROP:
        case NF_QUEUE:
+       case NF_STOLEN:
                nft_trace_packet(&info, chain, rule,
                                 rulenum, NFT_TRACETYPE_RULE);
                return regs.verdict.code;
local clone of linux.git