From 0fa027802fabba6bc85813ace35e29727c73cd08 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 14 Feb 2011 10:50:04 -0800
Subject: [PATCH] Don't allow accounting or manual changes to have the name of
 a builtin target

---
 Shorewall/Perl/Shorewall/Chains.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index aa1e128b7..b9aea45cd 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -1330,7 +1330,7 @@ sub ensure_accounting_chain( $$$ )
 	$chainref->{restriction} |= $restriction;
     } else {
 	fatal_error "Chain name ($chain) too long" if length $chain > 29;
-	fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/;
+	fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/ && ! $builtin_target{$chain};
 	$chainref = new_chain 'filter' , $chain;
 	$chainref->{accounting}  = 1;
 	$chainref->{referenced}  = 1;
@@ -1421,7 +1421,7 @@ sub new_nat_chain($) {
 sub new_manual_chain($) {
     my $chain = $_[0];
     fatal_error "Chain name ($chain) too long" if length $chain > 29;
-    fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/;
+    fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/ && ! $builtin_target{$chain};
     fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || $filter_table->{$chain};
     $targets{$chain} = CHAIN;
     ( my $chainref = ensure_filter_chain( $chain, 0) )->{manual} = 1;