diff mbox

nft: loop optimization

Message ID 20130619111423.7135.60976.stgit@localhost
State Accepted
Headers show

Commit Message

Giuseppe Longo June 19, 2013, 11:14 a.m. UTC 
This patch prevent in some functions to continue looping after the chain is found.

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
---
 iptables/nft.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Pablo Neira Ayuso June 20, 2013, 12:37 p.m. UTC | #1 
On Wed, Jun 19, 2013 at 01:14:23PM +0200, Giuseppe Longo wrote:
> This patch prevent in some functions to continue looping after the chain is found.

Applied, thanks Giuseppe!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index d51f2f3..42bf50f 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1275,6 +1275,8 @@  int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table)
 
 		__nft_rule_flush(h, table_name, chain_name);
 
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
@@ -1390,6 +1392,9 @@  int nft_chain_user_del(struct nft_handle *h, const char *chain, const char *tabl
 			break;
 
 		deleted_ctr++;
+
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
@@ -2893,6 +2898,8 @@  int nft_chain_zero_counters(struct nft_handle *h, const char *chain,
 		if (ret < 0)
 			perror("mnl_talk:nft_chain_zero_counters");
 
+		if (chain != NULL)
+			break;
 next:
 		c = nft_chain_list_iter_next(iter);
 	}