]> bbs.cooldavid.org Git - net-next-2.6.git/blobdiff - net/bridge/netfilter/ebtables.c
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' of /repos/git/net-next-2.6
[net-next-2.6.git] / net / bridge / netfilter / ebtables.c
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 12beb580aa21851dd1dd071e1ab100cfa8b93ba1..208f4e32e732695e303db69f9b488b48e2a9a81e 100644 (file)
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1413,6 +1413,9 @@ static int do_ebt_set_ctl(struct sock *sk,
 {
        int ret;
 
+       if (!capable(CAP_NET_ADMIN))
+               return -EPERM;
+
        switch(cmd) {
        case EBT_SO_SET_ENTRIES:
                ret = do_replace(sock_net(sk), user, len);
@@ -1432,6 +1435,9 @@ static int do_ebt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
        struct ebt_replace tmp;
        struct ebt_table *t;
 
+       if (!capable(CAP_NET_ADMIN))
+               return -EPERM;
+
        if (copy_from_user(&tmp, user, sizeof(tmp)))
                return -EFAULT;
 
Clone of davem's net-next-2.6 tree