Go to file
Florian Westphal 8e2f311a68 netfilter: physdev: relax br_netfilter dependency
Following command:
  iptables -D FORWARD -m physdev ...
causes connectivity loss in some setups.

Reason is that iptables userspace will probe kernel for the module revision
of the physdev patch, and physdev has an artificial dependency on
br_netfilter (xt_physdev use makes no sense unless a br_netfilter module
is loaded).

This causes the "phydev" module to be loaded, which in turn enables the
"call-iptables" infrastructure.

bridged packets might then get dropped by the iptables ruleset.

The better fix would be to change the "call-iptables" defaults to 0 and
enforce explicit setting to 1, but that breaks backwards compatibility.

This does the next best thing: add a request_module call to checkentry.
This was a stray '-D ... -m physdev' won't activate br_netfilter
anymore.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2019-01-18 15:02:33 +01:00
arch net: introduce SO_BINDTOIFINDEX sockopt 2019-01-17 14:55:51 -08:00
block
certs
crypto
Documentation switchdev: Add extack argument to call_switchdev_notifiers() 2019-01-17 15:18:47 -08:00
drivers net/mlx4: remove unneeded semicolon 2019-01-17 22:05:42 -08:00
firmware
fs for-5.0-rc1-tag 2019-01-14 05:55:51 +12:00
include netfilter: physdev: relax br_netfilter dependency 2019-01-18 15:02:33 +01:00
init
ipc
kernel Andrea Righi fixed a NULL pointer dereference in trace_kprobe_create() 2019-01-16 05:28:26 +12:00
lib sbitmap: Protect swap_lock from hardirq 2019-01-15 16:29:57 +12:00
LICENSES
mm
net netfilter: physdev: relax br_netfilter dependency 2019-01-18 15:02:33 +01:00
samples Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-01-16 05:13:36 +12:00
scripts
security
sound
tools selftests: mlxsw: Test veto of unsupported VXLAN FDBs 2019-01-17 15:18:47 -08:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS net: dsa: Split platform data to header file 2019-01-17 11:31:24 -08:00
Makefile Linux 5.0-rc2 2019-01-14 10:41:12 +12:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.