evaluate: add netdev support for reject default

Enables not specifying any icmp type and code when using reject inside
netdev.

This patch completely enables using reject for the netdev family.

Signed-off-by: Jose M. Guisado Gomez <guigom@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index abbf83aef57691d46eaafee5658dce91dcfe2fbe..af52ab181b2987089bfb657f3a70d20b8f0c37b6 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2745,6 +2745,7 @@ static int stmt_evaluate_reject_default(struct eval_ctx *ctx,
                }
                break;
        case NFPROTO_BRIDGE:
+       case NFPROTO_NETDEV:
                desc = ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR].desc;
                if (desc == NULL) {
                        stmt->reject.type = NFT_REJECT_ICMPX_UNREACH;