Hello:
This series was applied to netdev/net.git (main)
by Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
On Thu, 29 Feb 2024 01:01:33 +0100 you wrote:
> From: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
>
> Commit d0009effa886 ("netfilter: nf_tables: validate NFPROTO_* family") added
> some validation of NFPROTO_* families in the nft_compat module, but it broke
> the ability to use legacy iptables modules in dual-stack nftables.
>
> While with legacy iptables one had to independently manage IPv4 and IPv6
> tables, with nftables it is possible to have dual-stack tables sharing the
> rules. Moreover, it was possible to use rules based on legacy iptables
> match/target modules in dual-stack nftables.
>
> [...]
Here is the summary with links:
- [net,1/3] netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
https://git.kernel.org/netdev/net/c/7e0f122c6591
- [net,2/3] netfilter: bridge: confirm multicast packets before passing them up the stack
https://git.kernel.org/netdev/net/c/62e7151ae3eb
- [net,3/3] selftests: netfilter: add bridge conntrack + multicast test case
https://git.kernel.org/netdev/net/c/6523cf516c55
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
