Prevents against unterminated user chains in iptables policy 62/118562/2
author Anish Singhania <a.singhania@samsung.com>
Thu, 9 Mar 2017 14:02:41 +0000 (19:32 +0530)
committer Rafal Krypa <r.krypa@samsung.com>
Mon, 13 Mar 2017 07:13:37 +0000 (08:13 +0100)
[Model] SM-Z400F
[BinType] AP
[Customer] Open

[Issue#]
[Request] PM
[Occurrence Version]

[Problem] Kernel panic occurs on enabling nether flags
[Cause & Measure] Add unconditional return rules to two user-defined chains created
[Checking Method]

[Team] Security
[Developer] Anish Singhania
[Solution company] Samsung
[Change Type] Market Issue

Change-Id: I8a5cbacc2418d5268599ebbcc581cfe7227d88d1
Signed-off-by: Anish Singhania <a.singhania@samsung.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
conf/nether.rules

index 71b6464f790d2c094fc110b549ada66693d684b5..b31ba4615950fa01f50da12d614f819349bfc7a3 100644 (file)
@@ -37,6 +37,8 @@ COMMIT
 -A OUTPUT -m mark --mark 0x3 -j NETHER-DENY
 -A OUTPUT -m mark --mark 0x4 -j NETHER-ALLOWLOG
 -A NETHER-ALLOWLOG -j AUDIT --type accept
+-A NETHER-ALLOWLOG -j RETURN
 -A NETHER-DENY -j AUDIT --type reject
 -A NETHER-DENY -j REJECT --reject-with icmp-port-unreachable
+-A NETHER-DENY -j RETURN
 COMMIT
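Review bot: the `-A NETHER-DENY -j RETURN` added after the REJECT rule can never be reached by a packet, because REJECT is a terminating target, and the `-A NETHER-ALLOWLOG -j RETURN` after the AUDIT rule only makes explicit what iptables already does when a packet falls off the end of a user-defined chain. Neither rule changes the filtering verdict, so a later cleanup could drop them as redundant and bring the panic back. Please add a `#` comment above each RETURN in conf/nether.rules stating that it is a deliberate terminator and a workaround for the kernel panic named in the commit message. The commit message also leaves [Checking Method] empty; a short note on how the panic was reproduced and how the fix was verified would let others confirm the workaround on other kernel versions.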