28 Aug
2020
28 Aug
'20
5:11 p.m.
On Fri, Aug 28, 2020 at 06:45:51PM +0200, Florian Westphal wrote:
Pablo Neira Ayuso pablo@netfilter.org wrote:
Hi Will,
Given this is for -stable maintainers only, I'd suggest:
Specify what -stable kernel versions this patch applies to. Explain that this problem is gone since what kernel version.
Maybe clarify that this is only for stable in the patch subject, e.g. [PATCH -stable v3] netfilter: nat: add a range check for l3/l4
Hmm, we silently accept a tuple that we can't really deal with, no?
Oh, I overlook, existing kernels are affected. You're right.
- if (l3num != NFPROTO_IPV4 && l3num != NFPROTO_IPV6)
return -EOPNOTSUPP;I vote to apply this to nf.git
I have rebased this patch on top of nf.git, attached what I'll apply to nf.git.