Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 60a7496b authored by Phil Sutter's avatar Phil Sutter Committed by Greg Kroah-Hartman
Browse files

netfilter: nft_fib: Fix for rpath check with VRF devices 



[ Upstream commit 2a8a7c0eaa8747c16aa4a48d573aa920d5c00a5c ]

Analogous to commit b575b24b ("netfilter: Fix rpfilter
dropping vrf packets by mistake") but for nftables fib expression:
Add special treatment of VRF devices so that typical reverse path
filtering via 'fib saddr . iif oif' expression works as expected.

Fixes: f6d0cbcf ("netfilter: nf_tables: add fib expression")
Signed-off-by: default avatarPhil Sutter <phil@nwl.cc>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 610798a5
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment