All of lore.kernel.org
 help / color / mirror / Atom feed
* [IPTABLES PATCH] chain name should not start with '!'
@ 2005-06-03  8:03 Yasuyuki KOZAKAI
  2005-06-03  8:33 ` Pablo Neira
  2005-06-11 15:10 ` Patrick McHardy
  0 siblings, 2 replies; 6+ messages in thread
From: Yasuyuki KOZAKAI @ 2005-06-03  8:03 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: Text/Plain, Size: 217 bytes --]


Hi,

This patch fixes the bug allows to create the chain with name "!".

Regards,

-----------------------------------------------------------------
Yasuyuki Kozakai @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>


[-- Attachment #2: iptables.patch --]
[-- Type: Text/Plain, Size: 533 bytes --]

Index: iptables.c
===================================================================
--- iptables.c	(revision 3951)
+++ iptables.c	(working copy)
@@ -1925,10 +1925,10 @@
 			break;
 
 		case 'N':
-			if (optarg && *optarg == '-')
+			if (optarg && (*optarg == '-' || *optarg == '!'))
 				exit_error(PARAMETER_PROBLEM,
 					   "chain name not allowed to start "
-					   "with `-'\n");
+					   "with `%c'\n", *optarg);
 			if (find_target(optarg, TRY_LOAD))
 				exit_error(PARAMETER_PROBLEM,
 					   "chain name may not clash "

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [IPTABLES PATCH] chain name should not start with '!'
  2005-06-03  8:03 [IPTABLES PATCH] chain name should not start with '!' Yasuyuki KOZAKAI
@ 2005-06-03  8:33 ` Pablo Neira
  2005-06-03  9:24   ` Yasuyuki KOZAKAI
  2005-06-11 15:10 ` Patrick McHardy
  1 sibling, 1 reply; 6+ messages in thread
From: Pablo Neira @ 2005-06-03  8:33 UTC (permalink / raw)
  To: Yasuyuki KOZAKAI; +Cc: netfilter-devel

Hi Yasuyuki,

Yasuyuki KOZAKAI wrote:
> This patch fixes the bug allows to create the chain with name "!".
> 
> Regards,
> 
> -----------------------------------------------------------------
> Yasuyuki Kozakai @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>
> 
> 
> ------------------------------------------------------------------------
> 
> Index: iptables.c
> ===================================================================
> --- iptables.c	(revision 3951)
> +++ iptables.c	(working copy)

please, could you send the same fix for ip6tables.c? it's got the same 
problem.

Thanks,
Pablo

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [IPTABLES PATCH] chain name should not start with '!'
  2005-06-03  8:33 ` Pablo Neira
@ 2005-06-03  9:24   ` Yasuyuki KOZAKAI
  0 siblings, 0 replies; 6+ messages in thread
From: Yasuyuki KOZAKAI @ 2005-06-03  9:24 UTC (permalink / raw)
  To: pablo; +Cc: netfilter-devel

[-- Attachment #1: Type: Text/Plain, Size: 880 bytes --]


Good point. Here you are,

-----------------------------------------------------------------
Yasuyuki Kozakai @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>

From: Pablo Neira <pablo@eurodev.net>
Date: Fri, 03 Jun 2005 10:33:20 +0200

> Hi Yasuyuki,
> 
> Yasuyuki KOZAKAI wrote:
> > This patch fixes the bug allows to create the chain with name "!".
> > 
> > Regards,
> > 
> > -----------------------------------------------------------------
> > Yasuyuki Kozakai @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>
> > 
> > 
> > ------------------------------------------------------------------------
> > 
> > Index: iptables.c
> > ===================================================================
> > --- iptables.c	(revision 3951)
> > +++ iptables.c	(working copy)
> 
> please, could you send the same fix for ip6tables.c? it's got the same 
> problem.
> 
> Thanks,
> Pablo

[-- Attachment #2: ip6tables.patch --]
[-- Type: Text/Plain, Size: 536 bytes --]

Index: ip6tables.c
===================================================================
--- ip6tables.c	(revision 3951)
+++ ip6tables.c	(working copy)
@@ -1822,10 +1822,10 @@
 			break;
 
 		case 'N':
-			if (optarg && *optarg == '-')
+			if (optarg && (*optarg == '-' || *optarg == '!'))
 				exit_error(PARAMETER_PROBLEM,
 					   "chain name not allowed to start "
-					   "with `-'\n");
+					   "with `%c'\n", *optarg);
 			if (find_target(optarg, TRY_LOAD))
 				exit_error(PARAMETER_PROBLEM,
 					   "chain name may not clash "

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [IPTABLES PATCH] chain name should not start with '!'
  2005-06-03  8:03 [IPTABLES PATCH] chain name should not start with '!' Yasuyuki KOZAKAI
  2005-06-03  8:33 ` Pablo Neira
@ 2005-06-11 15:10 ` Patrick McHardy
  2005-06-13  0:50   ` Yasuyuki KOZAKAI
  1 sibling, 1 reply; 6+ messages in thread
From: Patrick McHardy @ 2005-06-11 15:10 UTC (permalink / raw)
  To: Yasuyuki KOZAKAI; +Cc: netfilter-devel

Yasuyuki KOZAKAI wrote:
> This patch fixes the bug allows to create the chain with name "!".

Is there a technical reason for this or is it just "cleanup"?

Regards
Patrick

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [IPTABLES PATCH] chain name should not start with '!'
  2005-06-11 15:10 ` Patrick McHardy
@ 2005-06-13  0:50   ` Yasuyuki KOZAKAI
  2005-06-13  0:54     ` Patrick McHardy
  0 siblings, 1 reply; 6+ messages in thread
From: Yasuyuki KOZAKAI @ 2005-06-13  0:50 UTC (permalink / raw)
  To: kaber; +Cc: netfilter-devel, yasuyuki.kozakai


From: Patrick McHardy <kaber@trash.net>
Date: Sat, 11 Jun 2005 17:10:47 +0200

> > This patch fixes the bug allows to create the chain with name "!".
>
> Is there a technical reason for this or is it just "cleanup"?

-F, -X, -L, -Z cannot take chain names which have prefix "!".

Of cause we can fix processing of their commands, but changing -N is
the easiest way and I think it's better to avoid to use confusing chain name.

Regards,

-----------------------------------------------------------------
Yasuyuki Kozakai @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [IPTABLES PATCH] chain name should not start with '!'
  2005-06-13  0:50   ` Yasuyuki KOZAKAI
@ 2005-06-13  0:54     ` Patrick McHardy
  0 siblings, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2005-06-13  0:54 UTC (permalink / raw)
  To: Yasuyuki KOZAKAI; +Cc: netfilter-devel

Yasuyuki KOZAKAI wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Sat, 11 Jun 2005 17:10:47 +0200
> 
> 
>>>This patch fixes the bug allows to create the chain with name "!".
>>
>>Is there a technical reason for this or is it just "cleanup"?
> 
> 
> -F, -X, -L, -Z cannot take chain names which have prefix "!".
> 
> Of cause we can fix processing of their commands, but changing -N is
> the easiest way and I think it's better to avoid to use confusing chain name.

Thanks for the explanation, I've applied your patch.

Regards
Patrick

^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2005-06-13  0:54 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-06-03  8:03 [IPTABLES PATCH] chain name should not start with '!' Yasuyuki KOZAKAI
2005-06-03  8:33 ` Pablo Neira
2005-06-03  9:24   ` Yasuyuki KOZAKAI
2005-06-11 15:10 ` Patrick McHardy
2005-06-13  0:50   ` Yasuyuki KOZAKAI
2005-06-13  0:54     ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.