On Mon, 23 Aug 2010 14:41:46 -0700 (PDT) David Miller <davem@xxxxxxxxxxxxx> wrote: > From: Florian Westphal <fw@xxxxxxxxx> > Date: Mon, 23 Aug 2010 14:56:26 +0200 > > > commit f3c5c1bfd430858d3a05436f82c51e53104feb6b > > (netfilter: xtables: make ip_tables reentrant) forgot to > > also compute the jumpstack size in the compat handlers. > > > > Result is that "iptables -I INPUT -j userchain" turns into -j DROP. > > > > Reported by Sebastian Roesner on #netfilter, closes > > http://bugzilla.netfilter.org/show_bug.cgi?id=669. > > > > Note: arptables change is compile-tested only. > > > > Signed-off-by: Florian Westphal <fw@xxxxxxxxx> > > Acked-by: Eric Dumazet <eric.dumazet@xxxxxxxxx> > > Applied, thanks Florian. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > Should this go to stable? It seems commit f3c5c1bdf was introduced in 2.6.35. It fixes [Bug #16423] netfilter/iptables stopped logging 2.6.35-rc which was tracked as a regression. Cheers, Flo -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
