From: Daniel Wagner <daniel.wagner@bmw-carit.de>
Date: Wed, 6 Mar 2013 15:08:54 +0000 (+0100)
Subject: iptables: Valid policies are only ACCEPT and DROP
X-Git-Tag: 1.13~113
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=60c18c2aab0cf1a6a7ce2d58d87df046a675d81a;p=platform%2Fupstream%2Fconnman.git

iptables: Valid policies are only ACCEPT and DROP
---

diff --git a/src/iptables.c b/src/iptables.c
index 158dcf3..734ebc1 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -1061,8 +1061,13 @@ static int iptables_change_policy(struct connman_iptables *table,
 	int verdict;
 
 	verdict = target_to_verdict(policy);
-	if (verdict == 0)
+	switch (verdict) {
+	case -NF_ACCEPT - 1:
+	case -NF_DROP - 1:
+		break;
+	default:
 		return -EINVAL;
+	}
 
 	chain_head = find_chain_head(table, chain_name);
 	if (chain_head == NULL)