Hi Tomasz, On 03/06/2013 02:33 PM, Tomasz Bursztyka wrote:
From: Daniel Wagner <[email protected]>--- src/iptables.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/iptables.c b/src/iptables.c index 93778fa..66a7d2a 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -275,6 +275,19 @@ static int target_to_verdict(const char *target_name) return 0; } +static int target_to_policy(const char *policy_name) +{ + int verdict; + + verdict = target_to_verdict(policy_name); + + /* Only ACCEPT or DROP are valid chain policies */ + if (verdict == (-NF_ACCEPT - 1) || verdict == (-NF_DROP - 1)) + return verdict; + + return 0; +} + static gboolean is_builtin_target(const char *target_name) { if (!strcmp(target_name, LABEL_ACCEPT) || @@ -1060,7 +1073,7 @@ static int iptables_change_policy(struct connman_iptables *table, struct xt_standard_target *t; int verdict; - verdict = target_to_verdict(policy); + verdict = target_to_policy(policy); if (verdict == 0) return -EINVAL;No need of target_to_policy() just add the check about accept/drop (which is valid) after verdict == 0 and that's it.
Isn't this a style question? I mean this is what target_to_policy() does just it got a pretty name.
cheers, daniel _______________________________________________ connman mailing list [email protected] http://lists.connman.net/listinfo/connman
