• Jussi Laakkonen's avatar
    [connman] Increase list of non-supported iptables mathces. JB#43926 · 77cb270a
    Jussi Laakkonen authored
    This commit blacklists following iptables matches defined with -m:
     - IPv4: iprange, recent, owner
     - IPv6: iprange, recent, owner, ttl
    These will cause crash or errors that are not recoverable. The match -m
    owner can be supported but requires more checks. It requires at least
    one of --uid-owner, --gid-owner or --socket-exists additional switches.
    There may be more to investigate on that -m owner.
    Re-enabled IPv6 multiport which seems to work ok.
firewall.c 58.3 KB