diff options
author | David S. Miller <davem@davemloft.net> | 2016-04-14 04:49:03 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-04-14 04:49:03 +0300 |
commit | 60e19518d657018c4e25f0c20ca4f623536714b5 (patch) | |
tree | 4775d80b915310e094581dea09bbac54122b7f6a /net/ipv4 | |
parent | 4bc0eb3a1b20facbbf5c4939df863d8928e5c1b7 (diff) | |
parent | bcf4934288402be3464110109a4dae3bd6fb3e93 (diff) | |
download | linux-60e19518d657018c4e25f0c20ca4f623536714b5.tar.xz |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for your net tree. More
specifically, they are:
1) Fix missing filter table per-netns registration in arptables, from
Florian Westphal.
2) Resolve out of bound access when parsing TCP options in
nf_conntrack_tcp, patch from Jozsef Kadlecsik.
3) Prefer NFPROTO_BRIDGE extensions over NFPROTO_UNSPEC in ebtables,
this resolves conflict between xt_limit and ebt_limit, from Phil Sutter.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/arptable_filter.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c index dd8c80dc32a2..8f8713b4388f 100644 --- a/net/ipv4/netfilter/arptable_filter.c +++ b/net/ipv4/netfilter/arptable_filter.c @@ -81,6 +81,12 @@ static int __init arptable_filter_init(void) return ret; } + ret = arptable_filter_table_init(&init_net); + if (ret) { + unregister_pernet_subsys(&arptable_filter_net_ops); + kfree(arpfilter_ops); + } + return ret; } |