diff options
author | Florian Westphal <fw@strlen.de> | 2017-07-07 13:29:03 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-07-17 17:02:44 +0200 |
commit | 974292defee033bc43ccfcb2fcefc3eba3905340 (patch) | |
tree | f9865fb83ea6979a8f7ef02d10020af01090e3bb /net/ipv4/inet_fragment.c | |
parent | netfilter: nat: fix src map lookup (diff) | |
download | linux-974292defee033bc43ccfcb2fcefc3eba3905340.tar.xz linux-974292defee033bc43ccfcb2fcefc3eba3905340.zip |
netfilter: nf_tables: only allow in/output for arp packets
arp packets cannot be forwarded.
They can be bridged, but then they can be filtered using
either ebtables or nftables bridge family.
The bridge netfilter exposes a "call-arptables" switch which
pushes packets into arptables, but lets not expose this for nftables, so better
close this asap.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv4/inet_fragment.c')
0 files changed, 0 insertions, 0 deletions