Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-5.4 / 84ba7dd71add05b52e55c60b4a3af9bb6194c73d
commit84ba7dd71add05b52e55c60b4a3af9bb6194c73d[log] [tgz]
authorFlorian Westphal <fw@strlen.de>Fri Dec 08 17:01:55 2017 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>Mon Jan 08 18:01:14 2018 +0100
tree2ce13364a97e60958169bc966862215912317f07
parentf92b40a8b2645af38bd6814651c59c1e690db53d [diff]
netfilter: nf_tables: reject nat hook registration if prio is before conntrack

No problem for iptables as priorities are fixed values defined in the
nat modules, but in nftables the priority its coming from userspace.

Reject in case we see that such a hook would not work.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 file changed
tree: 2ce13364a97e60958169bc966862215912317f07
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README