Re: [PATCH] nftables: validate port number in inet_service_type_parse

On Thu, Aug 15, 2013 at 10:19:11AM -0700, Phil Oester wrote:
> At present, nft accepts out of range port values such as in this example:
> 
>     nft add rule ip filter input tcp dport 123456 accept 
> 
> Attached patch adds checks for both integer overflow and 16 bit overflow,
> and avoids getaddrinfo call in the (common) case of digit input. Example
> above now produces this output:
> 
>     <cmdline>:1:36-41: Error: Service out of range
>     add rule ip filter input tcp dport 123456 accept
>                                        ^^^^^^

Applied, thanks Phil.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
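
The checks described in the quoted patch description (integer overflow, 16-bit overflow, and skipping getaddrinfo for digit input), as an added C example. This is not the applied nftables patch; `parse_service`, `enum svc_status` and the sample inputs are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200112L
#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>

enum svc_status { SVC_OK, SVC_RANGE, SVC_INVALID, SVC_UNKNOWN };
/* Hypothetical helper (not the nftables function): parse a TCP service
 * given as a number or a name into a host-order 16-bit port. */
static enum svc_status parse_service(const char *s, uint16_t *port)
{
    struct addrinfo hints, *ai;
    if (isdigit((unsigned char)s[0])) {
        char *end;
        unsigned long v;
        errno = 0;
        v = strtoul(s, &end, 10);
        if (*end != '\0')
            return SVC_INVALID;      /* trailing junk such as "80x" */
        if (errno == ERANGE || v > UINT16_MAX)
            return SVC_RANGE;        /* integer or 16-bit overflow */
        *port = (uint16_t)v;
        return SVC_OK;               /* digit input: no resolver call */
    }
    /* Non-numeric input: fall back to a service-name lookup. */
    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    if (getaddrinfo(NULL, s, &hints, &ai) != 0)
        return SVC_UNKNOWN;
    *port = ntohs(((struct sockaddr_in *)ai->ai_addr)->sin_port);
    freeaddrinfo(ai);
    return SVC_OK;
}

int main(void)
{
    /* Constructed inputs; 0 = OK, 1 = out of range, 2 = invalid. */
    const char *in[] = { "22", "65535", "65536", "123456", "80x" };
    uint16_t p;
    for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++)
        printf("%-7s -> %d\n", in[i], parse_service(in[i], &p));
    return 0;
}
```

Checking `errno == ERANGE` separately from `v > UINT16_MAX` matters because a value that overflows `unsigned long` is clamped by `strtoul`, and without either bound a value such as 123456 would be silently truncated when stored in a 16-bit port field.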



