Jan Engelhardt wrote: > On Wednesday 2010-03-17 14:31, Patrick McHardy wrote: >> Jan Engelhardt wrote: >>> I do not see a point of allowing the MAC module to work with devices >>> that don't possibly have one, e.g. various tunnel interfaces such as >>> tun and sit. >>> @@ -29,6 +30,8 @@ static bool mac_mt(const struct sk_buff *skb, const struct xt_match_param *par) >>> const struct xt_mac_info *info = par->matchinfo; >>> bool ret; >>> >>> + if (skb->dev == NULL || skb->dev->type != ARPHRD_ETHER) >>> + return false; >> What about the ~60 ARPHRD values that are not tunnels and sit? > > xt_mac uses eth_hdr(skb), so it makes sense to limit it to ethernet, as > we cannot be sure of the exact frame formats of other link layers. > Do you have an alternate proposal? OK, sounds fine. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
