Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 71212c9b04eba76faa4dca26ccd1552d6bb300c1
commit71212c9b04eba76faa4dca26ccd1552d6bb300c1[log] [tgz]
authorPablo Neira Ayuso <pablo@netfilter.org>Fri Sep 09 12:42:53 2016 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>Mon Sep 12 18:52:32 2016 +0200
treec94e136ed7989fd72d416cd506bcca99b5549472
parent10151d7b03e23afce76a59f717f2616a10ddef86 [diff]
netfilter: nf_tables: don't drop IPv6 packets that cannot parse transport

This is overly conservative and not flexible at all, so better let them
go through and let the filtering policy decide what to do with them. We
use skb_header_pointer() all over the place so we would just fail to
match when trying to access fields from malformed traffic.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
3 files changed
tree: c94e136ed7989fd72d416cd506bcca99b5549472
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitignore
  26. .mailmap
  27. COPYING
  28. CREDITS
  29. Kbuild
  30. Kconfig
  31. MAINTAINERS
  32. Makefile
  33. README
  34. REPORTING-BUGS