On Wed, Aug 01, 2018 at 06:22:46PM +0200, Phil Sutter wrote: > On Fri, Jul 27, 2018 at 01:29:07PM +0200, Pablo Neira Ayuso wrote: > > On Fri, Jul 27, 2018 at 12:53:22PM +0200, Phil Sutter wrote: > > > Hi, > > > > > > On Fri, Jul 27, 2018 at 11:45:16AM +0200, Pablo Neira Ayuso wrote: > > > > On Fri, Jul 27, 2018 at 12:22:33AM +0200, Phil Sutter wrote: > > > > > This should happen in ebtables-restore only: If a previous rule > > > > > contained a standard target, the standard target object is inserted into > > > > > xtables_targets. Though since that doesn't have a 'parse' callback, the > > > > > code segfaults. Therefore make the code ignore that special object > > > > > (which is not an issue since standard targets don't support parameters). > > > > > > > > Hm, I see. > > > > > > > > How can this the standard target get into this list? > > > > > > IIRC, the code flow is like this: > > > > > > -> do_commandeb() encounters '-j' parameter > > > -> command_jump() > > > -> xtables_find_target() > > > -> xtables_fully_register_pending_target() > > > > I see, but what is the rule that loads the standard target or it is > > already there? > > > > Asking this because we don't seem to need this in the > > iptables/xtables.c parser. > > For unknown arguments, do_parse() calls command_default() which searches > the list of matches in cs->matches. In ebtables, this code is different > in that the global xtables_matches list is searched instead. Probably > that's why standard target is encountered by ebtables but not iptables. OK, thanks for explaining. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
