diff options
author | Joszef Kadlecsik <kadlec@blackhole.kfki.hu> | 2002-06-24 12:37:29 +0000 |
---|---|---|
committer | Joszef Kadlecsik <kadlec@blackhole.kfki.hu> | 2002-06-24 12:37:29 +0000 |
commit | 08f1527fbcebc85f7149e551c9b26f526954b3c2 (patch) | |
tree | 63b8e4392d4c4f419d6231ad5f15acb6d22edd16 | |
parent | 7e25327907409e0369d0fb0527f68f3b8db777be (diff) |
chain name may not clash with target name
-rw-r--r-- | ip6tables.c | 11 | ||||
-rw-r--r-- | iptables.c | 7 |
2 files changed, 12 insertions, 6 deletions
diff --git a/ip6tables.c b/ip6tables.c index dad9052d..b3346b14 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -1161,9 +1161,6 @@ print_firewall(const struct ip6t_entry *fw, u_int8_t flags; char buf[BUFSIZ]; - /* User creates a chain called "REJECT": this overrides the - `REJECT' target module. Keep feeding them rope until the - revolution... Bwahahahahah */ if (!ip6tc_is_chain(targname, handle)) target = find_target(targname, TRY_LOAD); else @@ -1797,6 +1794,14 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) break; case 'N': + if (optarg && *optarg == '-') + exit_error(PARAMETER_PROBLEM, + "chain name not allowed to start " + "with `-'\n"); + if (find_target(optarg, TRY_LOAD)) + exit_error(PARAMETER_PROBLEM, + "chain name may not clash " + "with target name\n"); add_command(&command, CMD_NEW_CHAIN, CMD_NONE, invert); chain = optarg; @@ -1159,9 +1159,6 @@ print_firewall(const struct ipt_entry *fw, u_int8_t flags; char buf[BUFSIZ]; - /* User creates a chain called "REJECT": this overrides the - `REJECT' target module. Keep feeding them rope until the - revolution... Bwahahahahah */ if (!iptc_is_chain(targname, handle)) target = find_target(targname, TRY_LOAD); else @@ -1760,6 +1757,10 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle) exit_error(PARAMETER_PROBLEM, "chain name not allowed to start " "with `-'\n"); + if (find_target(optarg, TRY_LOAD)) + exit_error(PARAMETER_PROBLEM, + "chain name may not clash " + "with target name\n"); add_command(&command, CMD_NEW_CHAIN, CMD_NONE, invert); chain = optarg; |