On Wed, 2019-08-21 at 11:58 +0200, Pablo Neira Ayuso wrote: > On Tue, Aug 20, 2019 at 01:15:58PM -0300, Leonardo Bras wrote: > > On Tue, 2019-08-20 at 07:36 +0200, Florian Westphal wrote: > > > Wouldn't fib_netdev.c have the same problem? > > Probably, but I haven't hit this issue yet. > > > > > If so, might be better to place this test in both > > > nft_fib6_eval_type and nft_fib6_eval. > > > > I think that is possible, and not very hard to do. > > > > But in my humble viewpoint, it looks like it's nft_fib_inet_eval() and > > nft_fib_netdev_eval() have the responsibility to choose a valid > > protocol or drop the package. > > I am not sure if it would be a good move to transfer this > > responsibility to nft_fib6_eval_type() and nft_fib6_eval(), so I would > > rather add the same test to nft_fib_netdev_eval(). > > > > Does it make sense? > > Please, update common code to netdev and ip6 extensions as Florian > suggests. > > Thanks. Ok then, I will send a v2 with that change. Thanks,
Attachment:
signature.asc
Description: This is a digitally signed message part