Jan Engelhardt wrote:
It used to be that {ip,ip6,etc}_tables called extension->checkentry
themselves, but this can be moved into the xtables core.
This one doesn't apply cleanly:
patching file net/bridge/netfilter/ebtables.c
Hunk #3 FAILED at 684.
1 out of 3 hunks FAILED -- saving rejects to file
net/bridge/netfilter/ebtables.c.rej
Since I guess this will introduce new rejects in the following
patches, I'll wait until you've figured out what went wrong.
I've applied the patches in the order specified on top of
8d51a6615, replacing the previous patches.
*************** ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo,
*** 692,706 ****
}
ret = xt_check_target(target, NFPROTO_BRIDGE, t->target_size,
- name, hookmask, e->ethproto, e->invflags & EBT_IPROTO);
if (ret < 0) {
module_put(target->me);
goto cleanup_watchers;
- } else if (t->u.target->checkentry &&
- !t->u.target->checkentry(name, e, NULL, t->data, hookmask)) {
- module_put(t->u.target->me);
- ret = -EINVAL;
- goto cleanup_watchers;
}
(*cnt)++;
return 0;
--- 684,694 ----
}
ret = xt_check_target(target, NFPROTO_BRIDGE, t->target_size,
+ name, hookmask, e->ethproto, e->invflags & EBT_IPROTO,
+ e, t->data);
if (ret < 0) {
module_put(target->me);
goto cleanup_watchers;
}
(*cnt)++;
return 0;
