From 0c42a1f2a0cc579181f9bd1adc885c10d0af5808 Mon Sep 17 00:00:00 2001
From: "Jose M. Guisado Gomez" <guigom@riseup.net>
Date: Thu, 22 Oct 2020 21:43:54 +0200
Subject: evaluate: add netdev support for reject default

Enables not specifying any icmp type and code when using reject inside
netdev.

This patch completely enables using reject for the netdev family.

Signed-off-by: Jose M. Guisado Gomez <guigom@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/evaluate.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src')

diff --git a/src/evaluate.c b/src/evaluate.c
index abbf83ae..af52ab18 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2745,6 +2745,7 @@ static int stmt_evaluate_reject_default(struct eval_ctx *ctx,
 		}
 		break;
 	case NFPROTO_BRIDGE:
+	case NFPROTO_NETDEV:
 		desc = ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR].desc;
 		if (desc == NULL) {
 			stmt->reject.type = NFT_REJECT_ICMPX_UNREACH;
-- 
cgit v1.2.3