queueing falls into endless loop?

Mauricio Oliveto mauriciooliveto@yahoo.com
Tue, 2 Oct 2001 12:28:24 -0700 (PDT)

I've been looking into QUEUE target related source
code for a couple days, and I found that nothing
prevents userspace app from returning (via
ipq_set_verdict) a verdict of NF_REPEAT or NF_QUEUE
(among normal NF_ACCEPT or NF_DROP) (in fact I did it:
modified, just for testing, intercept.c to pass

If NF_REPEAT is returned to kernel, nf_reinject will
iterate (nf_iterate) the hook we rode on looking for
same match again and again..... and so on.

Am I missing something?


