* [PATCH 2.4.37] iptables: handle IPT_RETURN from user target
@ 2009-03-18 13:32 Haim Daniel
2009-03-18 15:24 ` Patrick McHardy
0 siblings, 1 reply; 2+ messages in thread
From: Haim Daniel @ 2009-03-18 13:32 UTC (permalink / raw)
To: netfilter, netfilter-devel
This patch handles IPT_RETURN retcode for user's iptables' targets
(modules).
Up until now it was handled only for the built-in RETURN iptables' target
and IPT_RETURN in a user target resulted in a NF_DROP.
Signed-off-by: Haim Daniel <haimdaniel@gmail.com>
---
diff -Nuap a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
--- a/net/ipv4/netfilter/ip_tables.c 2009-03-18 14:00:12.000000000 +0200
+++ b/net/ipv4/netfilter/ip_tables.c 2009-03-18 14:00:29.000000000 +0200
@@ -383,6 +383,11 @@ ipt_do_table(struct sk_buff **pskb,
if (verdict == IPT_CONTINUE)
e = (void *)e + e->next_offset;
+ else if (verdict == IPT_RETURN) {
+ e = back;
+ back = get_entry(table_base,
+ back->comefrom);
+ }
else
/* Verdict */
break;
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-03-18 15:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-03-18 13:32 [PATCH 2.4.37] iptables: handle IPT_RETURN from user target Haim Daniel
2009-03-18 15:24 ` Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox