Which likely means the fix would be: https://android-review.googlesource.com/c/kernel/common/+/3445350/1..2 On Fri, Jan 10, 2025 at 2:23 PM Maciej Żenczykowski <zenczykowski@xxxxxxxxx> wrote: > > Oh, wait > > .family = NFPROTO_IPV4, > > in the v6 section > > On Fri, Jan 10, 2025 at 2:20 PM Maciej Żenczykowski > <zenczykowski@xxxxxxxxx> wrote: > > > > We've had to: > > Revert "netfilter: xtables: avoid NFPROTO_UNSPEC where needed" > > https://android-review.googlesource.com/c/kernel/common/+/3305935/2 > > > > It seems the failure is (probably related to): > > ... > > E IptablesRestoreController: -A bw_INPUT -j MARK --or-mark 0x100000 > > ... > > E IptablesRestoreController: ------- ERROR ------- > > E IptablesRestoreController: Warning: Extension MARK revision 0 not > > supported, missing kernel module? > > E IptablesRestoreController: ip6tables-restore v1.8.10 (legacy): MARK > > target: kernel too old for --or-mark > > E IptablesRestoreController: Error occurred at line: 27 > > > > But, I don't see an obvious bug in the CL we had to revert...
