On Wed, Aug 17, 2016 at 05:14:59PM +0200, Pablo Neira Ayuso wrote: > For non-IP traffic seen from the netdev family, set nft_pktinfo fields > other the value of these fields is garbage. Will send a v2. It seems we can leave unset field in bridge too for non-IP traffic. This should be a problem since nft doesn't generate bytecode using expression that require this fields. But given that we assume the nftables VM can be used rawly by anyone, entirely bypassing libraries and nft, it is good to have this sanitized. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
