diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-02-01 16:03:46 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2011-02-01 16:03:46 +0100 |
commit | 9d0db8b6b1da9e3d4c696ef29449700c58d589db (patch) | |
tree | f3fcf8325e523810c1ec70437b291b5ac8b74bfa /net/ipv4 | |
parent | netfilter: xt_iprange: Incorrect xt_iprange boundary check for IPv6 (diff) | |
download | linux-9d0db8b6b1da9e3d4c696ef29449700c58d589db.tar.xz linux-9d0db8b6b1da9e3d4c696ef29449700c58d589db.zip |
netfilter: arpt_mangle: fix return values of checkentry
In 135367b "netfilter: xtables: change xt_target.checkentry return type",
the type returned by checkentry was changed from boolean to int, but the
return values where not adjusted.
arptables: Input/output error
This broke arptables with the mangle target since it returns true
under success, which is interpreted by xtables as >0, thus
returning EIO.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/arpt_mangle.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index b8ddcc480ed9..a5e52a9f0a12 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c @@ -60,12 +60,12 @@ static int checkentry(const struct xt_tgchk_param *par) if (mangle->flags & ~ARPT_MANGLE_MASK || !(mangle->flags & ARPT_MANGLE_MASK)) - return false; + return -EINVAL; if (mangle->target != NF_DROP && mangle->target != NF_ACCEPT && mangle->target != XT_CONTINUE) - return false; - return true; + return -EINVAL; + return 0; } static struct xt_target arpt_mangle_reg __read_mostly = { |