summaryrefslogtreecommitdiffstats
path: root/kernel/linux/net/bridge/netfilter/ebt_dnat.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/linux/net/bridge/netfilter/ebt_dnat.c')
-rw-r--r--kernel/linux/net/bridge/netfilter/ebt_dnat.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/kernel/linux/net/bridge/netfilter/ebt_dnat.c b/kernel/linux/net/bridge/netfilter/ebt_dnat.c
index 28ce793..a910d77 100644
--- a/kernel/linux/net/bridge/netfilter/ebt_dnat.c
+++ b/kernel/linux/net/bridge/netfilter/ebt_dnat.c
@@ -31,6 +31,10 @@ static int ebt_target_dnat_check(const char *tablename, unsigned int hookmask,
{
struct ebt_nat_info *infostuff = (struct ebt_nat_info *) data;
+ if ((hookmask & (1 << NF_BR_NUMHOOKS)) &&
+ infostuff->target == EBT_RETURN)
+ return -EINVAL;
+ hookmask &= ~(1 << NF_BR_NUMHOOKS);
if ( (strcmp(tablename, "nat") ||
(hookmask & ~((1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_LOCAL_OUT)))) &&
(strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) )