diff mbox

[08/11] netfilter: nf_tables: remove ability to specify handles for new rules

Message ID 1355338061-5517-9-git-send-email-kaber@trash.net
State Accepted
Headers show

Commit Message

Patrick McHardy Dec. 12, 2012, 6:47 p.m. UTC 
From: Patrick McHardy <kaber@trash.net>

Does not serve any useful purpose, simply remove it. Also return an
error if neither a handle nor NLM_F_CREATE is specified.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 net/netfilter/nf_tables_api.c | 31 +++++++++++++------------------
 1 Datei geändert, 13 Zeilen hinzugefügt(+), 18 Zeilen entfernt(-)
diff mbox

Patch

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index afda73f..bacd417 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1363,26 +1363,21 @@  static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
 	if (nla[NFTA_RULE_HANDLE]) {
 		handle = be64_to_cpu(nla_get_be64(nla[NFTA_RULE_HANDLE]));
 		rule = __nf_tables_rule_lookup(chain, handle);
-		if (IS_ERR(rule)) {
-			if (PTR_ERR(rule) != -ENOENT)
-				return PTR_ERR(rule);
-			rule = NULL;
-		}
+		if (IS_ERR(rule))
+			return PTR_ERR(rule);
 
-		if (rule != NULL) {
-			if (nlh->nlmsg_flags & NLM_F_EXCL)
-				return -EEXIST;
-			if (nlh->nlmsg_flags & NLM_F_REPLACE) {
-				old_rule = rule;
-				rule = NULL;
-			} else
-				return 0;
-		}
-	} else
+		if (nlh->nlmsg_flags & NLM_F_EXCL)
+			return -EEXIST;
+		if (nlh->nlmsg_flags & NLM_F_REPLACE) {
+			old_rule = rule;
+			rule = NULL;
+		} else
+			return 0;
+	} else {
+		if (!create)
+			return -EINVAL;
 		handle = nf_tables_alloc_handle(table);
-
-	if (handle == 0)
-		return -EINVAL;
+	}
 
 	n = 0;
 	size = 0;