disallow RETURN policy on base chain

author: Bart De Schuymer <bdschuym@pandora.be> 2002-08-18 18:03:52 +0000
committer: Bart De Schuymer <bdschuym@pandora.be> 2002-08-18 18:03:52 +0000
commit: c34f467b183e2c1d42fa62fb449fe11985eaee62 (patch)
tree: c0874ac99c9a69eae9b3a3f555cacf07d5e86715
parent: c5075141593a21c51d31014ec670d27fcf802f5e (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ebtables.c b/ebtables.c
index 28da8d7..54fd2b0 100644
--- a/ebtables.c
+++ b/ebtables.c
@@ -2064,9 +2064,13 @@ check_extension:
 	// the kernel does not have to do this ofcourse
 	new_entry->ethproto = htons(new_entry->ethproto);
 
-	if (replace.command == 'P')
+	if (replace.command == 'P') {
+		if (replace.selected_hook < NF_BR_NUMHOOKS &&
+		   policy == EBT_RETURN)
+			print_error("Policy RETURN only allowed for user "
+			            "defined chains");
 		change_policy(policy);
-	else if (replace.command == 'L') {
+	} else if (replace.command == 'L') {
 		list_rules();
 		if (replace.flags & OPT_ZERO)
 			zero_counters(zerochain);
author	Bart De Schuymer <bdschuym@pandora.be>	2002-08-18 18:03:52 +0000
committer	Bart De Schuymer <bdschuym@pandora.be>	2002-08-18 18:03:52 +0000
commit	c34f467b183e2c1d42fa62fb449fe11985eaee62 (patch)
tree	c0874ac99c9a69eae9b3a3f555cacf07d5e86715
parent	c5075141593a21c51d31014ec670d27fcf802f5e (diff)