summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--extensions/ebt_arp.c3
-rw-r--r--extensions/ebt_ip.c2
-rw-r--r--extensions/ebt_vlan.c3
3 files changed, 5 insertions, 3 deletions
diff --git a/extensions/ebt_arp.c b/extensions/ebt_arp.c
index d088563..3ff1444 100644
--- a/extensions/ebt_arp.c
+++ b/extensions/ebt_arp.c
@@ -180,7 +180,8 @@ static void final_check(const struct ebt_u_entry *entry,
unsigned int hook_mask, unsigned int time)
{
if (entry->bitmask & EBT_NOPROTO || entry->bitmask & EBT_802_3 ||
- (entry->ethproto != ETH_P_ARP && entry->ethproto != ETH_P_RARP))
+ (entry->ethproto != ETH_P_ARP && entry->ethproto != ETH_P_RARP) ||
+ entry->invflags & EBT_IPROTO)
print_error("For (R)ARP filtering the protocol must be "
"specified as ARP or RARP");
}
diff --git a/extensions/ebt_ip.c b/extensions/ebt_ip.c
index 0deb3e0..91014e4 100644
--- a/extensions/ebt_ip.c
+++ b/extensions/ebt_ip.c
@@ -222,7 +222,7 @@ static void final_check(const struct ebt_u_entry *entry,
unsigned int hook_mask, unsigned int time)
{
if (entry->bitmask & EBT_NOPROTO || entry->bitmask & EBT_802_3 ||
- entry->ethproto != ETH_P_IP)
+ entry->ethproto != ETH_P_IP || entry->invflags & EBT_IPROTO)
print_error("For IP filtering the protocol must be "
"specified as IPv4");
}
diff --git a/extensions/ebt_vlan.c b/extensions/ebt_vlan.c
index 76077cb..148cd87 100644
--- a/extensions/ebt_vlan.c
+++ b/extensions/ebt_vlan.c
@@ -225,7 +225,8 @@ final_check (const struct ebt_u_entry *entry,
/*
* Is any proto param specified there? Or specified proto isn't 802.1Q?
*/
- if (entry->bitmask & EBT_NOPROTO || entry->ethproto != ETH_P_8021Q)
+ if (entry->bitmask & EBT_NOPROTO || entry->ethproto != ETH_P_8021Q ||
+ entry->invflags & EBT_IPROTO)
print_error
("For use 802.1Q extension the protocol must be specified as 802_1Q");
/*