Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > ipv6_find_hdr was also moved from ip6tables to ipv6 core code > recently. Now we got a hard dependency on ipv6 if Hans' HMARK is used > as well. So we need another hook for it. Again, that function is > pretty specific of IPv6. So I think that we can add a new struct > nf_afinfo_ipv6 to keep IPv6-only hooks like this and the one for > ipv6_find. Alright, i'll re-work this patch into a series, first adding such a new struct. We can then fix other dependency crap later as time permits. > I don't like putting this into nf_afinfo either, since it's specific > of IPv6, but I want a small fix that fulfill the -stable rules. It > will take some time until people get the fix for xt_addrtype IPv6 if > we make it the nice way. True, although this isn't a regression. > Seems like merge ipt and ip6t module is bringing us more problems that > expected. Yes, and I think that separating all of those again is not realistic, so a new ipv6 specific hook struct seems like the best shot. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
