Jan Engelhardt wrote:
commit 84d36d4710f680edddb67ce30202818d95dbe32c
Author: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date: Wed Jan 2 20:14:28 2008 +0100
[NETFILTER]: Merge ipt_REJECT and ip6t_REJECT into xt_REJECT
+static inline void
+reject_send_unreach6(struct sk_buff *skb_in, unsigned char code,
+ unsigned int hooknum)
+{
+ if (hooknum == NF_INET_LOCAL_OUT && skb_in->dev == NULL)
+ skb_in->dev = init_net.loopback_dev;
+
+ icmpv6_send(skb_in, ICMPV6_DEST_UNREACH, code, 0, NULL);
+}
This adds a runtime dependency on ipv6, which I just recently
got rid of for all other modules. Adding an ip_tables rule
should never cause ipv6 to be loaded. I'd suggest adding a
new function pointer to nf_afinfo for this. That might even
allow some further code unification.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
