summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-04-25 02:18:59 +0200
committerDavid S. Miller <davem@sunset.davemloft.net>2006-04-25 02:27:34 +0200
commit18118cdbfd1f855e09ee511d764d6c9df3d4f952 (patch)
tree8707ed855ddbe0b0bf98e661119df0ec08a3a8ea
parent[NETFILTER]: x_tables: move table->lock initialization (diff)
downloadlinux-18118cdbfd1f855e09ee511d764d6c9df3d4f952.tar.xz
linux-18118cdbfd1f855e09ee511d764d6c9df3d4f952.zip
[NETFILTER]: ipt action: use xt_check_target for basic verification
The targets don't do the basic verification themselves anymore so the ipt action needs to take care of it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/sched/act_ipt.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c
index 6056d20ef429..37640c6fc014 100644
--- a/net/sched/act_ipt.c
+++ b/net/sched/act_ipt.c
@@ -69,6 +69,11 @@ ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int hook)
DPRINTK("ipt_init_target: found %s\n", target->name);
t->u.kernel.target = target;
+ ret = xt_check_target(target, AF_INET, t->u.target_size - sizeof(*t),
+ table, hook, 0, 0);
+ if (ret)
+ return ret;
+
if (t->u.kernel.target->checkentry
&& !t->u.kernel.target->checkentry(table, NULL,
t->u.kernel.target, t->data,