diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-27 13:36:11 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-07-22 12:00:22 +0200 |
commit | 85f5b3086a04c459f9147859fcbf7bdc7578c378 (patch) | |
tree | f14b01a895eed8fcb1200e40c867a0b69ab2d3f7 /net/bridge/netfilter/Kconfig | |
parent | 8fd90bb889635fa1e7f80a3950948cc2e74c1446 (diff) |
netfilter: bridge: add reject support
So you can reject IPv4 and IPv6 packets from bridge tables. If the ether
proto is now known, default on dropping the packet instead.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/bridge/netfilter/Kconfig')
-rw-r--r-- | net/bridge/netfilter/Kconfig | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/bridge/netfilter/Kconfig b/net/bridge/netfilter/Kconfig index 4ce0b313f72c..9cebf47ac840 100644 --- a/net/bridge/netfilter/Kconfig +++ b/net/bridge/netfilter/Kconfig @@ -14,6 +14,12 @@ config NFT_BRIDGE_META help Add support for bridge dedicated meta key. +config NFT_BRIDGE_REJECT + tristate "Netfilter nf_tables bridge reject support" + depends on NFT_REJECT && NFT_REJECT_IPV4 && NFT_REJECT_IPV6 + help + Add support to reject packets. + config NF_LOG_BRIDGE tristate "Bridge packet logging" |