iptables: Valid policies are only ACCEPT and DROP

author: Daniel Wagner <daniel.wagner@bmw-carit.de> 2013-03-06 16:08:54 +0100
committer: Patrik Flykt <patrik.flykt@linux.intel.com> 2013-03-07 10:07:12 +0200
commit: 60c18c2aab0cf1a6a7ce2d58d87df046a675d81a (patch)
tree: 25a71c817f4e2bf2832c605e64035861788ba56c /src/iptables.c
parent: cbfa3977195dd62ba135e075513cf32c7318ea12 (diff)
download: connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.tar.gz
connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.tar.bz2
connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/src/iptables.c b/src/iptables.c
index 158dcf39..734ebc11 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -1061,8 +1061,13 @@ static int iptables_change_policy(struct connman_iptables *table,
 	int verdict;
 
 	verdict = target_to_verdict(policy);
-	if (verdict == 0)
+	switch (verdict) {
+	case -NF_ACCEPT - 1:
+	case -NF_DROP - 1:
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	chain_head = find_chain_head(table, chain_name);
 	if (chain_head == NULL)
author	Daniel Wagner <daniel.wagner@bmw-carit.de>	2013-03-06 16:08:54 +0100
committer	Patrik Flykt <patrik.flykt@linux.intel.com>	2013-03-07 10:07:12 +0200
commit	60c18c2aab0cf1a6a7ce2d58d87df046a675d81a (patch)
tree	25a71c817f4e2bf2832c605e64035861788ba56c /src/iptables.c
parent	cbfa3977195dd62ba135e075513cf32c7318ea12 (diff)
download	connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.tar.gz connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.tar.bz2 connman-60c18c2aab0cf1a6a7ce2d58d87df046a675d81a.zip