lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Apr 2019 11:25:55 -0700 (PDT) From: David Miller <davem@...emloft.net> To: fw@...len.de Cc: netfilter-devel@...r.kernel.org, roopa@...ulusnetworks.com, nikolay@...ulusnetworks.com, netdev@...r.kernel.org Subject: Re: [PATCH nf-next 0/4] netfilter: bridge: remove broute hook From: Florian Westphal <fw@...len.de> Date: Thu, 11 Apr 2019 16:36:38 +0200 > This series removes the 'broute' hook by promoting ebtables' broute table > to a normal ebtables table (invoked via normal PREROUTING netfilter hook). > > The downside is that nf_hook_slow() needs to be duplicated in br_input.c > (see patch 3). > > However, I think its worth the price as this allows to remove the > br_should_route_hook. > > There are quite some changes in bridge specific code, if you prefer > I can re-submit this for net-next instead of nf-next. > > Main motivation is to provide 'ebtables -t broute' functionality via > nftables later on, this can then be done without touching the bridge > or netfilter core infrastructure again. Acked-by: David S. Miller <davem@...emloft.net>
Powered by blists - more mailing lists