On Tue, Aug 30, 2016 at 07:39:51PM +0200, Phil Sutter wrote:
> Commit 17b495957b29e ("evaluate: reject: fix crash if we have transport
> protocol conflict from inet") took care of a crash when using inet or
> bridge families, but since then netdev family has been added which also
> does not implicitly define the network context. Therefore the crash can
> be reproduced again using the following example:
>
> nft add rule netdev filter e1000-ingress \
> meta l4proto udp reject with tcp reset
>
> In order to fix this in a more generic way, have stmt_evaluate_reset()
> fall back to the generic proto_inet_service irrespective of the actual
> proto context.
Applied, thanks.
This reminds me that the reject code needs care, it is a bit tangled.
This was made by a GSoC student.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
