diff options
author | Phil Sutter <phil@nwl.cc> | 2023-07-28 13:50:11 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2023-07-28 14:27:35 +0200 |
commit | 687d76937be799a405e63e58861f7e4a965dfa8d (patch) | |
tree | 191fc9db81e92549a4006b5ca337a7bd182299fe /iptables/iptables-restore.8.in | |
parent | 344e9b260ba2bbbdd0c32f112273fd552d0b73f4 (diff) |
ebtables: Improve invalid chain name detection
Fix several issues:
- Most importantly, --new-chain command accepted any name. Introduce
ebt_assert_valid_chain_name() for use with both --new-chain and
--rename-chain.
- Restrict maximum name length to what legacy ebtables allows - this is
a bit more than iptables-nft, subject to be unified.
- Like iptables, legacy ebtables rejects names prefixed by '-' or '!'.
- Use xs_has_arg() for consistency, keep the check for extra args for
now.
Fixes: da871de2a6efb ("nft: bootstrap ebtables-compat")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/iptables-restore.8.in')
0 files changed, 0 insertions, 0 deletions