On Tue, Nov 29, 2016 at 11:37:21PM +0100, Martin Bednar wrote:
> Hi, I just hit a kernel bug using nftables.
> Using kernel 4.8.11.
>
> Inline is a minimal configuration file to reproduce and the dmesg log.
> Let me know if you need anything else.
>
> Martin.
>
> Minimal configuration to reproduce:
>
> table inet filter{
> map iface_rules {type iface_index : verdict;}
> chain lan1{
> }
>
> chain input{
> type filter hook input priority 0;policy accept;
>
> iif vmap @iface_rules
>
> }
> }
> add element inet filter iface_rules {enp0s18 : jump lan1 } #BUG_ON here.
Fixed by:
http://git.kernel.org/cgit/linux/kernel/git/pablo/nf.git/commit/?id=58c78e104d937c1f560fb10ed9bb2dcde0db4fcf
Will pass this to -stable asap.
Thanks for reporting.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
