Bernhard Thaler <bernhard.thaler@xxxxxxxx> wrote: > setting rules with ebtables does not work for me any more with > 1086bbe97a074844188c6c988fa0b1a98c3ccbb9 / "netfilter: ensure number of > counters is >0 in do_replace()" in place. > > There is an error message and no rules set in the end. > > e.g. > > root@kali:~# ebtables -t nat -A POSTROUTING --src 12:34:56:78:9a:bc -j DROP > Unable to update the kernel. Two possible causes: > 1. Multiple ebtables programs were executing simultaneously. The ebtables > userspace tool doesn't by default support multiple ebtables programs > running [..] > With 1086bbe97a074844188c6c988fa0b1a98c3ccbb9 reverted everything works > fine again. Yes, seems we don't want the ebtables part of that commit. The vmalloc() calls are conditional on repl->num_counters in ebtables, and no counters are fetched on zero. Would you mind submitting a partial revert patch? Thanks for debugging this! -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
