netfilter: nft_tunnel: restrict it to netdev family

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Only allow to use this expression from NFPROTO_NETDEV family.

Fixes: af308b94a2a4 ("netfilter: nf_tables: add tunnel support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Pablo Neira Ayuso 3 years ago 01e4092d 5f3b7aae

1 changed file

expand all

net

netfilter

nft_tunnel.c

net/netfilter/nft_tunnel.c

··· 161 161 162 162 static struct nft_expr_type nft_tunnel_type __read_mostly = { 163 163 .name = "tunnel", 164 + .family = NFPROTO_NETDEV, 164 165 .ops = &nft_tunnel_get_ops, 165 166 .policy = nft_tunnel_policy, 166 167 .maxattr = NFTA_TUNNEL_MAX,