On Thu, 22 Mar 2012 21:26:23 +0300, Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> Hi Rusty,
>
> The patch eb93992207da: "module_param: make bool parameters really
> bool (net & drivers/net)" from Dec 19, 2011, leads to the following
> warning:
> net/ipv4/netfilter/iptable_filter.c:90 iptable_filter_init()
> warn: 5 is more than 1 (max 'forward' can be) so this is
> always the same.
>
> It's declared like this:
>
> 54 /* Default to forward because I got too much mail already. */
> 55 static bool forward = NF_ACCEPT;
> 56 module_param(forward, bool, 0000);
>
>
> It's used like this:
> 66 ((struct ipt_standard *)repl->entries)[1].target.verdict = -forward - 1;
>
> Smatch complains when check that it's larger than 5.
>
> 90 if (forward < 0 || forward > NF_MAX_VERDICT) {
> 91 pr_err("iptables forward must be 0 or 1\n");
> 92 return -EINVAL;
> 93 }
Thanks Dan!
This was obviously initially an arbitrary value, but someone
made it a bool module parameter (me?). It works for accept and drop, so
let's make it official. Patch coming.
Thanks,
Rusty.
--
How could I marry someone with more hair than me? http://baldalex.org
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
