Patchwork [8/8] netfilter: xtables2: execute targets in live rule traversal

login
register
mail settings
Submitter Jan Engelhardt
Date Dec. 4, 2012, 1 a.m.
Message ID <1354582849-26888-9-git-send-email-jengelh@inai.de>
Download mbox | patch
Permalink /patch/203526/
State Not Applicable
Headers show

Comments

Jan Engelhardt - Dec. 4, 2012, 1 a.m.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
---
 net/netfilter/xt_core.c |    8 ++++++++
 1 file changed, 8 insertions(+)

Patch

diff --git a/net/netfilter/xt_core.c b/net/netfilter/xt_core.c
index 8615fe4..830260c 100644
--- a/net/netfilter/xt_core.c
+++ b/net/netfilter/xt_core.c
@@ -111,6 +111,14 @@  xt2_do_rule(struct sk_buff *skb, const struct xt2_packed_rule *rule,
 			acpar->matchinfo = pa->data;
 			if (!pa->match_ext->match(skb, acpar))
 				break;
+		} else if (pa->type == NFXT_ACTION_TARGET) {
+			unsigned int verdict;
+
+			acpar->target   = pa->target_ext;
+			acpar->targinfo = pa->data;
+			verdict = pa->target_ext->target(skb, acpar);
+			if (verdict != XT_CONTINUE)
+				return verdict;
 		}
 
 	return XT_CONTINUE;