diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2006-11-30 22:24:49 -0500 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-12-03 00:31:55 -0500 |
commit | 98a0824a0f33d051f31ca8ff59e289755b244ede (patch) | |
tree | 5f8ea3519c60809dc880dfb9737d6a5ebcd8dab0 /net/bridge | |
parent | 40642f95f5f818579bc4cc3ee084b033e662d5b3 (diff) |
[EBTABLES]: Deal with the worst-case behaviour in loop checks.
No need to revisit a chain we'd already finished with during
the check for current hook. It's either instant loop (which
we'd just detected) or a duplicate work.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/bridge')
-rw-r--r-- | net/bridge/netfilter/ebtables.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 6ab7674ea454..46ab9b759269 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c | |||
@@ -717,7 +717,9 @@ static int check_chainloops(struct ebt_entries *chain, struct ebt_cl_stack *cl_s | |||
717 | BUGPRINT("loop\n"); | 717 | BUGPRINT("loop\n"); |
718 | return -1; | 718 | return -1; |
719 | } | 719 | } |
720 | /* this can't be 0, so the above test is correct */ | 720 | if (cl_s[i].hookmask & (1 << hooknr)) |
721 | goto letscontinue; | ||
722 | /* this can't be 0, so the loop test is correct */ | ||
721 | cl_s[i].cs.n = pos + 1; | 723 | cl_s[i].cs.n = pos + 1; |
722 | pos = 0; | 724 | pos = 0; |
723 | cl_s[i].cs.e = ((void *)e + e->next_offset); | 725 | cl_s[i].cs.e = ((void *)e + e->next_offset); |