From e0e514c2e9307cae2ae43e991158c8c362a7b40a Mon Sep 17 00:00:00 2001 From: Murat Sezgin Date: Wed, 16 Dec 2020 09:54:50 -0800 Subject: [PATCH 228/500] net: bridge: Disable custom and ebtables calls by default These flags will be enabled by the user. Change-Id: I3418f5c40a93d485383bf7e7fd9afc12ef1519d0 Signed-off-by: Murat Sezgin --- net/bridge/br_netfilter_hooks.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/net/bridge/br_netfilter_hooks.c +++ b/net/bridge/br_netfilter_hooks.c @@ -1268,8 +1268,8 @@ static inline void br_netfilter_sysctl_d brnf->call_iptables = 1; brnf->call_ip6tables = 1; brnf->call_arptables = 1; - brnf->call_ebtables = 1; - brnf->call_custom = 1; + brnf->call_ebtables = 0; + brnf->call_custom = 0; brnf->filter_vlan_tagged = 0; brnf->filter_pppoe_tagged = 0; brnf->pass_vlan_indev = 0;