summaryrefslogtreecommitdiff
path: root/Documentation/media/dmx.h.rst.exceptions
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2018-03-30 11:39:12 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-03-30 12:20:32 +0200
commite3b5e1ec75234fb6b27708a316cdf69f9fb176a8 (patch)
tree3a09869c582d612e08c626d94a0c67fd6742e11d /Documentation/media/dmx.h.rst.exceptions
parent9ba5c404bf1d6284f0269411b33394362b7ff405 (diff)
Revert "netfilter: x_tables: ensure last rule in base chain matches underflow/policy"
This reverts commit 0d7df906a0e78079a02108b06d32c3ef2238ad25. Valdis Kletnieks reported that xtables is broken in linux-next since 0d7df906a0e78 ("netfilter: x_tables: ensure last rule in base chain matches underflow/policy"), as kernel rejects the (well-formed) ruleset: [ 64.402790] ip6_tables: last base chain position 1136 doesn't match underflow 1344 (hook 1) mark_source_chains is not the correct place for such a check, as it terminates evaluation of a chain once it sees an unconditional verdict (following rules are known to be unreachable). It seems preferrable to fix libiptc instead, so remove this check again. Fixes: 0d7df906a0e78 ("netfilter: x_tables: ensure last rule in base chain matches underflow/policy") Reported-by: Valdis Kletnieks <valdis.kletnieks@vt.edu> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'Documentation/media/dmx.h.rst.exceptions')
0 files changed, 0 insertions, 0 deletions