diff options
-rw-r--r-- | libiptc/libiptc.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c index 218ff039..dfa2d1f0 100644 --- a/libiptc/libiptc.c +++ b/libiptc/libiptc.c @@ -1,4 +1,4 @@ -/* Library which manipulates firewall rules. Version $Revision: 1.56 $ */ +/* Library which manipulates firewall rules. Version $Revision$ */ /* Architecture of firewall rules is as follows: * @@ -1319,11 +1319,18 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain, return 0; } - if (!(old = iptcc_get_rule_num(c, rulenum + 1))) { + if (rulenum >= c->num_rules) { errno = E2BIG; return 0; } + /* Take advantage of the double linked list if possible. */ + if (rulenum + 1 <= c->num_rules/2) { + old = iptcc_get_rule_num(c, rulenum + 1); + } else { + old = iptcc_get_rule_num_reverse(c, c->num_rules - rulenum); + } + if (!(r = iptcc_alloc_rule(c, e->next_offset))) { errno = ENOMEM; return 0; |