From 127917c29a432c3b798e014a1714e9c1af0f87fe Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 27 Oct 2014 14:08:17 +0100
Subject: [PATCH] netfilter: nft_reject_bridge: restrict reject to prerouting
 and input

Restrict the reject expression to the prerouting and input bridge
hooks. If we allow this to be used from forward or any other later
bridge hook, if the frame is flooded to several ports, we'll end up
sending several reject packets, one per cloned packet.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
Reading git-format-patch failed