diff options
| author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-04 06:19:37 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-04 06:19:37 -0800 |
| commit | ed5551279c9100aff6adf337d809057a7532b6f7 (patch) | |
| tree | 32835b919718c82f7a414041d7951971733c2dfe /net/netfilter/nft_socket.c | |
| parent | f1a27f081c1fa1eeebf38406e45f29636114470f (diff) | |
| parent | 54be6c6c5ae8e0d93a6c4641cb7528eb0b6ba478 (diff) | |
Merge 6.8-rc3 into usb-next
We need the USB fixes in here as well.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net/netfilter/nft_socket.c')
| -rw-r--r-- | net/netfilter/nft_socket.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/netfilter/nft_socket.c b/net/netfilter/nft_socket.c index 9ed85be79452..f30163e2ca62 100644 --- a/net/netfilter/nft_socket.c +++ b/net/netfilter/nft_socket.c @@ -242,6 +242,11 @@ static int nft_socket_validate(const struct nft_ctx *ctx, const struct nft_expr *expr, const struct nft_data **data) { + if (ctx->family != NFPROTO_IPV4 && + ctx->family != NFPROTO_IPV6 && + ctx->family != NFPROTO_INET) + return -EOPNOTSUPP; + return nft_chain_validate_hooks(ctx->chain, (1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) | |