summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/evaluate.c3
-rw-r--r--src/netlink_delinearize.c1
2 files changed, 3 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 3a91e9ea..1d5db4da 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2718,7 +2718,7 @@ static int stmt_evaluate_reject_bridge(struct eval_ctx *ctx, struct stmt *stmt,
const struct proto_desc *desc;
desc = ctx->pctx.protocol[PROTO_BASE_LL_HDR].desc;
- if (desc != &proto_eth && desc != &proto_vlan)
+ if (desc != &proto_eth && desc != &proto_vlan && desc != &proto_netdev)
return stmt_binary_error(ctx,
&ctx->pctx.protocol[PROTO_BASE_LL_HDR],
stmt, "unsupported link layer protocol");
@@ -2758,6 +2758,7 @@ static int stmt_evaluate_reject_family(struct eval_ctx *ctx, struct stmt *stmt,
}
break;
case NFPROTO_BRIDGE:
+ case NFPROTO_NETDEV:
if (stmt_evaluate_reject_bridge(ctx, stmt, expr) < 0)
return -1;
break;
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 73150722..ca4d723d 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2491,6 +2491,7 @@ static void stmt_reject_postprocess(struct rule_pp_ctx *rctx)
stmt->reject.family = protocol;
break;
case NFPROTO_BRIDGE:
+ case NFPROTO_NETDEV:
if (stmt->reject.type == NFT_REJECT_ICMPX_UNREACH) {
datatype_set(stmt->reject.expr, &icmpx_code_type);
break;
generated by cgit v1.2.3 (git 2.25.0) at 2024-10-06 01:20:23 +0000