projects / platform / upstream / connman.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a235ce6) | patch
iptables: Always update options table
authorDaniel Wagner <daniel.wagner@bmw-carit.de>
Wed, 6 Mar 2013 15:08:52 +0000 (16:08 +0100)
committerPatrik Flykt <patrik.flykt@linux.intel.com>
Thu, 7 Mar 2013 08:07:10 +0000 (10:07 +0200)
commitcc660f84f8cceca1586daf84f99b2ad39f87523d
tree457eeeeb4a90f70a50dbb263031e580824b632bftree | snapshot
parenta235ce6ae6276cf69932b4f5f9994617f08baa1fcommit | diff
iptables: Always update options table

The linked list is tracking all loading modules. Since we do not
unload once they are loaded (xtables does not support this), we
might up leaving prepare_matches() before we update the
option table. Since we carefully reset the global xtable state
after executing one rule, this check is wrong, e.g. if we add
to similar rules (same matches (mark, nfacct)). In this case
the second rule would not be parsed correctly. Nasty nasty iptables parser!
src/iptables.c diff | blob | history
Domain: Network & Connectivity / Data Network;