stable nftables kernel changes for port to 3.12 kernel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: stable nftables kernel changes for port to 3.12 kernel
- From: Pavel Melnik <p.melnyk@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 5 Dec 2018 00:32:20 +0200
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
Hi
We were asked to implement functionality to drop fragmented IPv6
packets, addressed to local interface, on device based 3.12 kernel
As I understand it's not possible to do this by ip6tables rule in the
case when nf_conntrack is enabled, but it possible if use nftables
Could you please advice the kernel version from which is make sense to
bring nftables functionality (I am found post that referenced 3.18, but
this seems too big step)
Our initial attempts to bring initial integration commits from v3.13
kernel is not work.
But we observed the 'same' issue if try to use nftables on
3.13.0-163-generic PC kernel. No tables and chains are created by nft
cmd, or at least displayed by 'nft list tables'
Regards
Pavel
[Index of Archives]
[Netfitler Users]
[LARTC]
[Bugtraq]
[Yosemite Forum]
