deal with --xxxx-target RETURN on base chain

author: Bart De Schuymer <bdschuym@pandora.be> 2002-07-25 17:23:36 +0000
committer: Bart De Schuymer <bdschuym@pandora.be> 2002-07-25 17:23:36 +0000
commit: 14162f779c5b11149432e454af08b1c5e8ecf711 (patch)
tree: 66f711cb576a4175d60acc4267d75916be5a10ed /kernel/linux/net/bridge/netfilter/ebt_redirect.c
parent: 8b1bda8f4bf60ecd70864ec94deb47a8f4c1817e (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/linux/net/bridge/netfilter/ebt_redirect.c b/kernel/linux/net/bridge/netfilter/ebt_redirect.c
index 1b8d696..d7c51ba 100644
--- a/kernel/linux/net/bridge/netfilter/ebt_redirect.c
+++ b/kernel/linux/net/bridge/netfilter/ebt_redirect.c
@@ -38,6 +38,10 @@ static int ebt_target_redirect_check(const char *tablename, unsigned int hookmas
 {
 	struct ebt_redirect_info *infostuff = (struct ebt_redirect_info *) data;
 
+	if ((hookmask & (1 << NF_BR_NUMHOOKS)) &&
+	   infostuff->target == EBT_RETURN)
+		return -EINVAL;
+	hookmask &= ~(1 << NF_BR_NUMHOOKS);
 	if ( (strcmp(tablename, "nat") || hookmask & ~(1 << NF_BR_PRE_ROUTING)) &&
 	     (strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) )
 		return -EINVAL;
author	Bart De Schuymer <bdschuym@pandora.be>	2002-07-25 17:23:36 +0000
committer	Bart De Schuymer <bdschuym@pandora.be>	2002-07-25 17:23:36 +0000
commit	14162f779c5b11149432e454af08b1c5e8ecf711 (patch)
tree	66f711cb576a4175d60acc4267d75916be5a10ed /kernel/linux/net/bridge/netfilter/ebt_redirect.c
parent	8b1bda8f4bf60ecd70864ec94deb47a8f4c1817e (diff)