diff options
author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2006-02-11 09:50:11 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2006-02-11 09:50:11 +0000 |
commit | 838dcc15ab2052711b732ead918a8e146b7c3451 (patch) | |
tree | 88d5663e2f4257f3f72267a33d4daed333dec95d /ip6tables.c | |
parent | e2d50d97877693c39412466dab90fe8ce7e01902 (diff) |
Make '-p all' a special case that is handled before calling getprotoent() (Closes: #446)
Diffstat (limited to 'ip6tables.c')
-rw-r--r-- | ip6tables.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ip6tables.c b/ip6tables.c index e2c514e..9396d03 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -224,7 +224,6 @@ static const struct pprot chain_protos[] = { { "icmpv6", IPPROTO_ICMPV6 }, { "esp", IPPROTO_ESP }, { "ah", IPPROTO_AH }, - { "all", 0 }, }; static char * @@ -808,6 +807,13 @@ parse_protocol(const char *s) if (string_to_number(s, 0, 255, &proto) == -1) { struct protoent *pent; + /* first deal with the special case of 'all' to prevent + * people from being able to redefine 'all' in nsswitch + * and/or provoke expensive [not working] ldap/nis/... + * lookups */ + if (!strcmp(s, "all")) + return 0; + if ((pent = getprotobyname(s))) proto = pent->p_proto; else { |