git.baikalelectronics.ru Git - kernel.git/commit

author	Florian Westphal <fw@strlen.de>
	Wed, 26 Aug 2015 21:20:51 +0000 (23:20 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 28 Aug 2015 19:04:11 +0000 (21:04 +0200)
commit	67e585d8f7b7f88990be86230c6655a7ade8dfe3
tree	66bfdc845041c7863353bd7cd4ec8b1bff4e3d0f	tree \| snapshot
parent	ee2c274d661a34cb6441792bef5d8eee0860c7f2	commit \| diff

Revert "netfilter: xtables: compute exact size needed for jumpstack"

This reverts commit 9dfdb419446a9c1eed042a8a1a366de614d5d343.

mark_source_chains will not re-visit chains, so

*filter
:INPUT ACCEPT [365:25776]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [217:45832]
:t1 - [0:0]
:t2 - [0:0]
:t3 - [0:0]
:t4 - [0:0]
-A t1 -i lo -j t2
-A t2 -i lo -j t3
-A t3 -i lo -j t4
# -A INPUT -j t4
# -A INPUT -j t3
# -A INPUT -j t2
-A INPUT -j t1
COMMIT

Will compute a chain depth of 2 if the comments are removed.
Revert back to counting the number of chains for the time being.

Reported-by: Cong Wang <cwang@twopensource.com>
Reported-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/ipv4/netfilter/arp_tables.c		diff \| blob \| history
net/ipv4/netfilter/ip_tables.c		diff \| blob \| history
net/ipv6/netfilter/ip6_tables.c		diff \| blob \| history