From 14162f779c5b11149432e454af08b1c5e8ecf711 Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Thu, 25 Jul 2002 17:23:36 +0000 Subject: deal with --xxxx-target RETURN on base chain --- kernel/linux/net/bridge/netfilter/ebt_mark.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'kernel/linux/net/bridge/netfilter/ebt_mark.c') diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark.c b/kernel/linux/net/bridge/netfilter/ebt_mark.c index 1e4d98b..75edcf7 100644 --- a/kernel/linux/net/bridge/netfilter/ebt_mark.c +++ b/kernel/linux/net/bridge/netfilter/ebt_mark.c @@ -40,6 +40,10 @@ static int ebt_target_mark_check(const char *tablename, unsigned int hookmask, { struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data; + if ((hookmask & (1 << NF_BR_NUMHOOKS)) && + infostuff->target == EBT_RETURN) + return -EINVAL; + hookmask &= ~(1 << NF_BR_NUMHOOKS); if (datalen != sizeof(struct ebt_mark_t_info)) return -EINVAL; if (infostuff->target < -NUM_STANDARD_TARGETS || infostuff->target >= 0) -- cgit v1.2.3