From 98408697fd8505bc8337d1e03b0e2f0374e4f36a Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 27 Apr 2018 12:53:48 +0200
Subject: nft: arptables: remove obsolete forward hook definition

Its not supported anymore as of 4.13, and it did not work
before this either (arp packets cannot be routed).
This unbreaks arptables-compat -- without this fix kernel rejects the
incoming ruleset skeleton.

filtering forwarded arp packets on a bridge can be done either via
'netdev' or 'bridge' families.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 iptables/nft.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/iptables/nft.c b/iptables/nft.c
index 2610de44..c1cf16cd 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -456,12 +456,6 @@ struct builtin_table xtables_arp[TABLES_MAX] = {
 				.prio   = NF_IP_PRI_FILTER,
 				.hook   = NF_ARP_IN,
 			},
-			{
-				.name   = "FORWARD",
-				.type   = "filter",
-				.prio   = NF_IP_PRI_FILTER,
-				.hook   = NF_ARP_FORWARD,
-			},
 			{
 				.name   = "OUTPUT",
 				.type   = "filter",
-- 
cgit v1.2.3