Patchwork [05/11] netfilter: nf_tables: send notifications for base chain policy changes

login
register
mail settings
Submitter Patrick McHardy
Date Dec. 12, 2012, 6:47 p.m.
Message ID <1355338061-5517-6-git-send-email-kaber@trash.net>
Download mbox | patch
Permalink /patch/205618/
State Accepted
Headers show

Comments

Patrick McHardy - Dec. 12, 2012, 6:47 p.m.
From: Patrick McHardy <kaber@trash.net>

Fix missing netlink notification for policy changes.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 net/netfilter/nf_tables_api.c | 10 ++++++----
 1 Datei geändert, 6 Zeilen hinzugefügt(+), 4 Zeilen entfernt(-)

Patch

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 11502db..4b36b0a 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -783,10 +783,12 @@  static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
 		if (nla[NFTA_CHAIN_POLICY]) {
 			if (!(chain->flags & NFT_BASE_CHAIN))
 				return -EOPNOTSUPP;
-			return nf_tables_chain_policy(nft_base_chain(chain),
-						      nla[NFTA_CHAIN_POLICY]);
+			err = nf_tables_chain_policy(nft_base_chain(chain),
+						     nla[NFTA_CHAIN_POLICY]);
+			if (err < 0)
+				return err;
 		}
-		return 0;
+		goto notify;
 	}
 
 	if (nla[NFTA_CHAIN_HOOK]) {
@@ -866,7 +868,7 @@  static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
 			return err;
 		}
 	}
-
+notify:
 	nf_tables_chain_notify(skb, nlh, table, chain, NFT_MSG_NEWCHAIN,
 			       family);
 	return 0;