[PATCH] fw3: zones: limit zone names to 11 bytes
Alexey Dobrovolsky
dobrovolskiy.alexey at gmail.com
Sun Aug 30 17:10:09 EDT 2020
As defined in currently used iptables v1.8.4 [0], [1], chain name must be
under 29 chars. Thus, user can only edit 11 chars. See also [3].
[0] https://git.netfilter.org/iptables/tree/iptables/xtables.c?h=v1.8.4&id=2b506c6681c7b01803f06b258a39e9da9012e5c5#n1004
[1] https://git.netfilter.org/iptables/tree/include/linux/netfilter/x_tables.h?h=v1.8.4&id=2b506c6681c7b01803f06b258a39e9da9012e5c5#n7
[3] https://dev.archive.openwrt.org/ticket/20380
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey at gmail.com>
---
zones.h | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/zones.h b/zones.h
index d786736..05f8554 100644
--- a/zones.h
+++ b/zones.h
@@ -22,8 +22,11 @@
#include "options.h"
#include "iptables.h"
-/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
-#define FW3_ZONE_MAXNAMELEN 14
+/*
+ * chain name in iptables must be under 29 chars
+ * 29 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0")
+ */
+#define FW3_ZONE_MAXNAMELEN 11
extern const struct fw3_option fw3_zone_opts[];
--
2.17.1
More information about the openwrt-devel
mailing list