openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

netfilter: nf_tables: allow expressions to return STOLEN 

Currently not supported, we'd oops as skb was (or is) free'd elsewhere.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2016-10-18 17:35:18 +02:00 committed by Pablo Neira Ayuso
parent 0813fbc913
commit 5efa0fc6d7
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
net/netfilter/nf_tables_core.c
View File

@ -178,6 +178,7 @@ nft_do_chain(struct nft_pktinfo *pkt, void *priv)
case NF_ACCEPT:
case NF_DROP:
case NF_QUEUE:
case NF_STOLEN:
nft_trace_packet(&info, chain, rule,
rulenum, NFT_TRACETYPE_RULE);
return regs.verdict.code;