summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorkadlec <kadlec>2002-06-24 12:37:29 +0000
committerkadlec <kadlec>2002-06-24 12:37:29 +0000
commit46e350c54ab1b5b16bd5a73f1a2a5e28dd339509 (patch)
tree63b8e4392d4c4f419d6231ad5f15acb6d22edd16
parent06b93ecf1bf191b02cdfc8a6c22c203366957ca6 (diff)
chain name may not clash with target name
-rw-r--r--ip6tables.c11
-rw-r--r--iptables.c7
2 files changed, 12 insertions, 6 deletions
diff --git a/ip6tables.c b/ip6tables.c
index dad9052..b3346b1 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1161,9 +1161,6 @@ print_firewall(const struct ip6t_entry *fw,
u_int8_t flags;
char buf[BUFSIZ];
- /* User creates a chain called "REJECT": this overrides the
- `REJECT' target module. Keep feeding them rope until the
- revolution... Bwahahahahah */
if (!ip6tc_is_chain(targname, handle))
target = find_target(targname, TRY_LOAD);
else
@@ -1797,6 +1794,14 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle)
break;
case 'N':
+ if (optarg && *optarg == '-')
+ exit_error(PARAMETER_PROBLEM,
+ "chain name not allowed to start "
+ "with `-'\n");
+ if (find_target(optarg, TRY_LOAD))
+ exit_error(PARAMETER_PROBLEM,
+ "chain name may not clash "
+ "with target name\n");
add_command(&command, CMD_NEW_CHAIN, CMD_NONE,
invert);
chain = optarg;
diff --git a/iptables.c b/iptables.c
index 8792141..b9c190b 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1159,9 +1159,6 @@ print_firewall(const struct ipt_entry *fw,
u_int8_t flags;
char buf[BUFSIZ];
- /* User creates a chain called "REJECT": this overrides the
- `REJECT' target module. Keep feeding them rope until the
- revolution... Bwahahahahah */
if (!iptc_is_chain(targname, handle))
target = find_target(targname, TRY_LOAD);
else
@@ -1760,6 +1757,10 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
exit_error(PARAMETER_PROBLEM,
"chain name not allowed to start "
"with `-'\n");
+ if (find_target(optarg, TRY_LOAD))
+ exit_error(PARAMETER_PROBLEM,
+ "chain name may not clash "
+ "with target name\n");
add_command(&command, CMD_NEW_CHAIN, CMD_NONE,
invert);
chain = optarg;