]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5418975) | patch
netfilter: nft_tproxy: restrict to prerouting hook
authorFlorian Westphal <fw@strlen.de>
Sat, 20 Aug 2022 15:54:06 +0000 (17:54 +0200)
committerFlorian Westphal <fw@strlen.de>
Tue, 23 Aug 2022 19:24:34 +0000 (21:24 +0200)
commitfbc39d0e3a71aed4c2eca7c432cd353ff9b4ad53
tree26006a63f818301339915afbd8bfe501c8602a81tree | snapshot
parent5418975474217c2cda28394f2344750204cc98e1commit | diff
netfilter: nft_tproxy: restrict to prerouting hook

TPROXY is only allowed from prerouting, but nft_tproxy doesn't check this.
This fixes a crash (null dereference) when using tproxy from e.g. output.

Fixes: 5e25179efc53 ("netfilter: nf_tables: Add native tproxy support")
Reported-by: Shell Chen <xierch@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
net/netfilter/nft_tproxy.c diff | blob | history
Linux Kernel Source Tree.