2018-07-12 7:33 GMT+09:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
> On Mon, Jun 11, 2018 at 09:04:39PM +0900, Taehee Yoo wrote:
> [...]
>> diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
>> index 08c005c..a7d6476 100644
>> --- a/include/net/netfilter/nf_tables.h
>> +++ b/include/net/netfilter/nf_tables.h
>> @@ -150,6 +150,7 @@ static inline void nft_data_debug(const struct nft_data *data)
>> * @portid: netlink portID of the original message
>> * @seq: netlink sequence number
>> * @family: protocol family
>> + * @level: depth of the chains
>> * @report: notify via unicast netlink message
>> */
>> struct nft_ctx {
>> @@ -160,6 +161,7 @@ struct nft_ctx {
>> u32 portid;
>> u32 seq;
>> u8 family;
>> + u8 level;
>> bool report;
>> };
>
Thank you for reviewing!
> I think the chunk I'm attaching is missing, right?
>
> Other than that, rejecting this configuration from control plane - now
> that we don't crash anymore due to hitting BUG_ON from packet path -
> is indeed the way to go.
>
> Thanks.
Yes, I missed it.
I will send v2 patch
Thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
