diff options
author | Patrick McHardy <kaber@trash.net> | 2006-04-25 04:18:59 +0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-04-25 04:27:34 +0400 |
commit | 18118cdbfd1f855e09ee511d764d6c9df3d4f952 (patch) | |
tree | 8707ed855ddbe0b0bf98e661119df0ec08a3a8ea | |
parent | 91536b7ae67710ca888e03ea82c60f0ac073a015 (diff) | |
download | linux-18118cdbfd1f855e09ee511d764d6c9df3d4f952.tar.xz |
[NETFILTER]: ipt action: use xt_check_target for basic verification
The targets don't do the basic verification themselves anymore so
the ipt action needs to take care of it.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/sched/act_ipt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 6056d20ef429..37640c6fc014 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c @@ -69,6 +69,11 @@ ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int hook) DPRINTK("ipt_init_target: found %s\n", target->name); t->u.kernel.target = target; + ret = xt_check_target(target, AF_INET, t->u.target_size - sizeof(*t), + table, hook, 0, 0); + if (ret) + return ret; + if (t->u.kernel.target->checkentry && !t->u.kernel.target->checkentry(table, NULL, t->u.kernel.target, t->data, |