diff options
| author | David S. Miller <davem@davemloft.net> | 2015-12-22 20:54:13 +0100 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2015-12-22 20:54:13 +0100 |
| commit | a7c09ae63d1a3d623e6c96bc29be2bb3eca47e42 (patch) | |
| tree | 894434b0b5d9ca56c1a39a994ffd6f9a1a20119a | |
| parent | Merge branch 'cdc_ncm-new-Dell-devices' (diff) | |
| parent | netfilter: nft_ct: include direction when dumping NFT_CT_L3PROTOCOL key (diff) | |
| download | linux-a7c09ae63d1a3d623e6c96bc29be2bb3eca47e42.tar.xz linux-a7c09ae63d1a3d623e6c96bc29be2bb3eca47e42.zip | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains two netfilter fixes:
1) Oneliner from Florian to dump missing NFT_CT_L3PROTOCOL netlink
attribute, from Florian Westphal.
2) Another oneliner for nf_tables to use skb->protocol from the new
netdev family, we can't assume ethernet there.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/netfilter/nf_tables_netdev.c | 2 | ||||
| -rw-r--r-- | net/netfilter/nft_ct.c | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_netdev.c b/net/netfilter/nf_tables_netdev.c index 7b9c053ba750..edb3502f2016 100644 --- a/net/netfilter/nf_tables_netdev.c +++ b/net/netfilter/nf_tables_netdev.c @@ -94,7 +94,7 @@ nft_do_chain_netdev(void *priv, struct sk_buff *skb, { struct nft_pktinfo pkt; - switch (eth_hdr(skb)->h_proto) { + switch (skb->protocol) { case htons(ETH_P_IP): nft_netdev_set_pktinfo_ipv4(&pkt, skb, state); break; diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 8cbca3432f90..939921532764 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c @@ -366,6 +366,7 @@ static int nft_ct_get_dump(struct sk_buff *skb, const struct nft_expr *expr) goto nla_put_failure; switch (priv->key) { + case NFT_CT_L3PROTOCOL: case NFT_CT_PROTOCOL: case NFT_CT_SRC: case NFT_CT_DST: |