disallow RETURN policy on base chain

author: Bart De Schuymer <bdschuym@pandora.be> 2002-08-18 18:03:52 +0000
committer: Bart De Schuymer <bdschuym@pandora.be> 2002-08-18 18:03:52 +0000
commit: 831873ee9b24b205f74640e89b01fb137e32bf5c (patch)
tree: 1b8553f1d3926c24a456341b6195dc2c9dcb0ee5 /userspace/ebtables2
parent: f9cb1de4be07682de4fefb3e3226e87b47f766bc (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/userspace/ebtables2/ebtables.c b/userspace/ebtables2/ebtables.c
index 28da8d7..54fd2b0 100644
--- a/userspace/ebtables2/ebtables.c
+++ b/userspace/ebtables2/ebtables.c
@@ -2064,9 +2064,13 @@ check_extension:
 	// the kernel does not have to do this ofcourse
 	new_entry->ethproto = htons(new_entry->ethproto);
 
-	if (replace.command == 'P')
+	if (replace.command == 'P') {
+		if (replace.selected_hook < NF_BR_NUMHOOKS &&
+		   policy == EBT_RETURN)
+			print_error("Policy RETURN only allowed for user "
+			            "defined chains");
 		change_policy(policy);
-	else if (replace.command == 'L') {
+	} else if (replace.command == 'L') {
 		list_rules();
 		if (replace.flags & OPT_ZERO)
 			zero_counters(zerochain);
author	Bart De Schuymer <bdschuym@pandora.be>	2002-08-18 18:03:52 +0000
committer	Bart De Schuymer <bdschuym@pandora.be>	2002-08-18 18:03:52 +0000
commit	831873ee9b24b205f74640e89b01fb137e32bf5c (patch)
tree	1b8553f1d3926c24a456341b6195dc2c9dcb0ee5 /userspace/ebtables2
parent	f9cb1de4be07682de4fefb3e3226e87b47f766bc (diff)