iptables: Valid policies are only ACCEPT and DROP
authorDaniel Wagner <daniel.wagner@bmw-carit.de>
Wed, 6 Mar 2013 15:08:54 +0000 (16:08 +0100)
committerPatrik Flykt <patrik.flykt@linux.intel.com>
Thu, 7 Mar 2013 08:07:12 +0000 (10:07 +0200)
src/iptables.c

index 158dcf3..734ebc1 100644 (file)
@@ -1061,8 +1061,13 @@ static int iptables_change_policy(struct connman_iptables *table,
        int verdict;
 
        verdict = target_to_verdict(policy);
-       if (verdict == 0)
+       switch (verdict) {
+       case -NF_ACCEPT - 1:
+       case -NF_DROP - 1:
+               break;
+       default:
                return -EINVAL;
+       }
 
        chain_head = find_chain_head(table, chain_name);
        if (chain_head == NULL)
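Review bot: The new case labels `-NF_ACCEPT - 1` and `-NF_DROP - 1` hard-code the verdict encoding that target_to_verdict() presumably returns, and nothing at the switch says why the other non-zero verdicts are now rejected. A short comment above the switch would make the allow-list explicit for the next reader, for example `/* Built-in chain policy must be ACCEPT or DROP; verdicts are encoded as -NF_x - 1 */`. Since this check is what stops an unexpected policy from reaching the table, keeping the `default: return -EINVAL;` arm as the only fall-through is the right shape. If more verdicts are ever added, they should be listed explicitly rather than reverting to a `!= 0` test. The body of iptables_change_policy() starts and ends outside this hunk, so whether `policy` can be NULL before the target_to_verdict() call cannot be judged from here.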