iptables: Fix fallthrough rules
authorDaniel Wagner <daniel.wagner@bmw-carit.de>
Tue, 12 Feb 2013 09:19:52 +0000 (10:19 +0100)
committerPatrik Flykt <patrik.flykt@linux.intel.com>
Tue, 12 Feb 2013 10:34:51 +0000 (12:34 +0200)
src/iptables.c

index e395af7..c0c9694 100644 (file)
@@ -295,6 +295,17 @@ static gboolean is_jump(struct connman_iptables_entry *e)
        return false;
 }
 
+static gboolean is_fallthrough(struct connman_iptables_entry *e)
+{
+       struct xt_entry_target *target;
+
+       target = ipt_get_target(e->entry);
+       if (!strcmp(target->u.user.name, ""))
+               return true;
+
+       return false;
+}
+
 static gboolean is_chain(struct connman_iptables *table,
                                struct connman_iptables_entry *e)
 {
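Review bot: `is_fallthrough()` decides on the target name alone, and an empty name marks every standard target in the xtables ABI (`IPT_STANDARD_TARGET`), not only a fallthrough. If built-in verdicts (ACCEPT, DROP, RETURN) and chain jumps are stored the same way in this file, they all match here. The block added to `update_targets_reference()` in the second hunk would then overwrite their `t->verdict` with an offset, silently turning a DROP rule into a pass-through to the next rule. The helper should also inspect the verdict inside the name check, for example `t = (struct xt_standard_target *)target; return t->verdict == 0;`, if zero is the value a new fallthrough rule is created with (not visible in this hunk). Comparing against `IPT_STANDARD_TARGET` instead of the literal `""` would also state the intent.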
@@ -413,6 +424,16 @@ static void update_targets_reference(struct connman_iptables *table,
                                t->verdict += offset;
                }
        }
+
+       if (is_fallthrough(modified_entry)) {
+               t = (struct xt_standard_target *) ipt_get_target(modified_entry->entry);
+
+               t->verdict = entry_before->offset +
+                       modified_entry->entry->target_offset +
+                       ALIGN(sizeof(struct xt_standard_target));
+               t->target.u.target_size =
+                       ALIGN(sizeof(struct xt_standard_target));
+       }
 }
 
 static int iptables_add_entry(struct connman_iptables *table,
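Review bot: The verdict arithmetic in the added `if (is_fallthrough(modified_entry))` block is undocumented and rests on an assumption the hunk does not show: that `modified_entry` begins at `entry_before->offset`. It deserves a comment such as `/* fallthrough: verdict is the offset of the rule right after this one, i.e. start of this entry + target_offset + aligned standard target size */`, plus a word on why `u.target_size` is rewritten here as well. The function starts outside the hunk, so whether `entry_before` can be NULL on this path cannot be checked from the visible lines. If it can, the dereference on the `t->verdict` line needs a guard.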